From 41eacd82728bf5c8e0b044970e3d4afbfcde3f90 Mon Sep 17 00:00:00 2001
From: Jason Ertel <jertel@users.noreply.github.com>
Date: Mon, 12 Aug 2024 21:57:44 -0400
Subject: [PATCH] Create SECURITY.md

---
 SECURITY.md | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000..f1974b93
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,24 @@
+# Security Policy
+
+## Supported Versions
+
+Due to the small team maintaining this project only the latest release is supported. However, 
+breaking changes are rare with this project's releases and so typically there should be no
+reason to not upgrade to the latest release.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| >= 2.18 | :white_check_mark: |
+| < 2.17  | :x:                |
+| 1.x     | :x:                |
+
+
+## Reporting a Vulnerability
+
+If you believe you've found an urgent vulnerability, please send an email to 
+security@elastalert.com with sufficient information to reproduce the problem.
+
+A response can be expected within 24 hours, however there may be situations
+where a response may take a couple of days. If no response is received within 2-3 
+days there may be an issue with email transmission. The secondary contact 
+method is to send the project maintainer a direct message on [LinkedIn](https://www.linkedin.com/in/jertel/).