From 12a1d8e822a1f951bfdc65ff1a287e13e0628ab6 Mon Sep 17 00:00:00 2001 From: Tuan Dang Date: Sat, 29 Apr 2023 21:41:33 +0300 Subject: [PATCH] Update README --- README.md | 2 -- SECURITY.md | 10 +++++++--- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index aa1d7d4c..a24d18d7 100644 --- a/README.md +++ b/README.md @@ -111,8 +111,6 @@ Infisical takes security issues very seriously. If you have any concerns about I Note that this security address should be used only for undisclosed vulnerabilities. Please report any security problems to us before disclosing it publicly. -Looking to report a security vulnerability? Please don't post about it in GitHub issue. Instead, refer to our [SECURITY.md](./SECURITY.md) file. - ## Contributing Whether it's big or small, we love contributions. Check out our guide to see how to [get started](https://infisical.com/docs/contributing/overview). diff --git a/SECURITY.md b/SECURITY.md index bc383f10..debde5ba 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,9 +1,13 @@ # Security Policy -## Supported Versions +## Supported versions We always recommend using the latest version of Infisical to ensure you get all security updates. -## Reporting a Vulnerability +## Reporting vulnerabilities -Please report security vulnerabilities or concerns to team@infisical.com. +Please do not file GitHub issues or post on our public forum for security vulnerabilities, as they are public! + +Infisical takes security issues very seriously. If you have any concerns about Infisical or believe you have uncovered a vulnerability, please get in touch via the e-mail address security@infisical.com. In the message, try to provide a description of the issue and ideally a way of reproducing it. The security team will get back to you as soon as possible. + +Note that this security address should be used only for undisclosed vulnerabilities. Please report any security problems to us before disclosing it publicly. \ No newline at end of file