From 7eb9d34fa4b4515b2d6d53b16306d47cee426111 Mon Sep 17 00:00:00 2001
From: Riley Karson <rileykarson@google.com>
Date: Thu, 15 Jul 2021 14:15:51 -0700
Subject: [PATCH] Add a security policy that uses g.co/vulnz for intake (#4970)

---
 .github/SECURITY.md | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 .github/SECURITY.md

diff --git a/.github/SECURITY.md b/.github/SECURITY.md
new file mode 100644
index 000000000000..ce1f393f6451
--- /dev/null
+++ b/.github/SECURITY.md
@@ -0,0 +1,4 @@
+To report a security issue, please use http://g.co/vulnz. We use
+http://g.co/vulnz for our intake, and do coordination and disclosure here on
+GitHub (including using GitHub Security Advisory). The Google Security Team will
+respond within 5 working days of your report on g.co/vulnz.