From 09ab3d48bd8de1f5f1b04976f3b216bbfecf80b1 Mon Sep 17 00:00:00 2001
From: Luca Comellini <luca.com@gmail.com>
Date: Thu, 23 Mar 2023 18:50:15 -0700
Subject: [PATCH] Create SECURITY.md

Signed-off-by: Luca Comellini <luca.com@gmail.com>
---
 SECURITY.md | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000..28614a55
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,16 @@
+# Security Policy
+
+## Supported Versions
+
+We advise users to run the most recent release of the NGINX Ingress Operator, and we issue software updates to the most recent release. We provide technical support for F5 customers who are using the most recent version of the NGINX Ingress Operator, and any version released within two years of the current release.
+
+For more information visit https://docs.nginx.com/nginx-ingress-controller/technical-specifications/
+
+## Reporting a Vulnerability
+
+The F5 Security Incident Response Team (F5 SIRT) has an email alias that makes it easy to report potential security vulnerabilities.
+
+- If you’re an F5 customer with an active support contract, please contact [F5 Technical Support](https://www.f5.com/services/support).
+- If you aren’t an F5 customer, please report any potential or current instances of security vulnerabilities with any F5 product to the F5 Security Incident Response Team at F5SIRT@f5.com
+
+For more information visit https://www.f5.com/services/support/report-a-vulnerability