add SECURITY.md to outline security policy and supported versions

Signed-off-by: Abhishek Gaikwad <[email protected]>
NVIDIA · Aug 15, 2024 · 479b4ca · 479b4ca
1 parent 080809d
commit 479b4ca
Showing 1 changed file with 25 additions and 0 deletions.
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,25 @@
+# Security Policy
+
+## Supported Versions
+
+We are committed to ensuring the security and stability of AIStore. As such, we will only provide security updates and support for the latest and most recent release versions of AIStore. We strongly encourage users to keep their installations up-to-date with the latest stable release.
+
+| Version         | Supported          |
+| --------------- | ------------------ |
+| Latest Release  | :white_check_mark: |
+| `main` branch   | :white_check_mark: |
+| Older Versions  | :x:                |
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability in AIStore, we encourage you to report it as soon as possible. To ensure the safety and security of our users, please do not disclose the vulnerability publicly until it has been addressed and a fix is available.
+
+1. **Notify the AIStore Development Team**: To report vulnerabilities, please email us at [[email protected]](mailto:[email protected]). Provide detailed information to help us quickly identify and address the issue.
+
+2. **Await Our Response**: Our development team will respond promptly. We will collaborate with you to understand the issue fully and take appropriate action, including issuing a patch or workaround.
+
+## Additional Information
+
+For more information on our security practices or if you have any other questions, please reach out to us at [[email protected]](mailto:[email protected]).
+
+Thank you for helping us keep AIStore secure!