From a29b07fa73e13b9ddd5241f9f32a386fd82a3788 Mon Sep 17 00:00:00 2001
From: Ramon Roche <mrpollo@gmail.com>
Date: Mon, 30 Oct 2023 12:29:40 -0700
Subject: [PATCH] Security Vulnerability Reporting

---
 SECURITY.md | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 000000000000..ed99e771bbc8
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,25 @@
+# Security Policy
+
+## Supported Versions
+
+The following is a list of versions the development team is currently supporting.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 1.4.x   | :white_check_mark: |
+| 1.3.3   | :white_check_mark: |
+| < 1.3   | :x:                |
+
+## Reporting a Vulnerability
+
+We currently only receive security vulnerability reports through GitHub.
+
+To begin a report, please go to the top-level repository, for example, PX4/PX4-Autopilot,
+and click on the Security tab. If you are on mobile, click the ... dropdown menu, and then click Security.
+
+Click Report a Vulnerability to open the advisory form. Fill in the advisory details form.
+Make sure your title is descriptive, and the development team can find all of the relevant details needed
+to verify on the description box. We recommend you add as much data as possible. We welcome logs,
+screenshots, photos, and videos, anything that can help us verify and identify the issues being reported.
+
+At the bottom of the form, click Submit report. The maintainer team will be notified and will get back to you ASAP.