From 9ebcf85752a48974f996cfededa21f45cdca6ddd Mon Sep 17 00:00:00 2001
From: mkarlstrand-splunk
 <49571555+mkarlstrand-splunk@users.noreply.github.com>
Date: Mon, 6 Jul 2020 04:50:12 -0700
Subject: [PATCH] Create SECURITY.md (#551)

* Create SECURITY.md
Co-authored-by: mbonsack <mbonsack@splunk.com>
---
 SECURITY.md | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..581a61d
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,18 @@
+# Security Policy
+
+## Supported Versions
+
+Splunk Connect for Syslog does not support "hotfix" patching, so all bug fixes (including security issues) are contained within the latest GA release.
+
+## Reporting a Vulnerability
+
+Splunk takes security vulnerabilities very seriously. When a member of the community identifies a potential security issue, it needs to be reported fully and carefully. A diligent Community helps keep us all safer and Splunk appreciates your timely and responsible disclosure of any security concern.
+
+To report a potential vulnerability in Splunk Connect for Syslog, please contact the Splunk Product Security Team via the Splunk website:
+https://www.splunk.com/en_us/form/bug-submission-prodsec.html
+
+Per the Splunk Product Security Policy, A Splunk representative will be in touch with you within 2 business days of receipt of your communication.
+
+All fixed security bugs are listed on the Splunk Product Security Portal page:
+https://www.splunk.com/page/securityportal
+