From 4907d56df9b8a758919899cf099050d732b63e0b Mon Sep 17 00:00:00 2001
From: Matt Godbolt <matt@godbolt.org>
Date: Sat, 25 Sep 2021 13:15:54 -0500
Subject: [PATCH] Create SECURITY.md

---
 SECURITY.md | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 000000000..6d7e18941
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,16 @@
+# Security Policy
+
+Compiler Explorer allows remote users to compile and, if configured, execute
+code.  We take security seriously, and encourage users to promptly report
+security vulnerabilities they find.
+
+## Reporting a Vulnerability
+
+If the issue can be reported without revealing exploitable specifics, please
+file [an issue](https://github.com/compiler-explorer/compiler-explorer/issues/new/choose) as a bug.
+
+Please email matt@godbolt.org with specifics, or if the bug can't be reported publically
+without leaving an obvious exploit in the public eye.
+
+We expect to get back within a day or two. If you don't hear from us, please do ping us again,
+or reach out to us on the [Discord](https://discord.gg/wFXUwDp).