From fece67ff5000b8bf5d106768d9837afaf530b7d5 Mon Sep 17 00:00:00 2001
From: Dane Everitt <dane@daneeveritt.com>
Date: Mon, 25 May 2020 15:08:47 -0700
Subject: [PATCH] Create SECURITY.md

---
 SECURITY.md | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 000000000..eae320353
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,19 @@
+# Security Policy
+
+## Supported Versions
+The following versions of Pterodactyl are receiving active support and maintenance. Any security vulnerabilities discovered must be reproducible in supported versions.
+
+| Panel | Daemon       | Supported          |
+| ----- | ------------ | ------------------ |
+| 1.0.x | wings@1.0.x  | :white_check_mark: |
+| 0.7.x | daemon@0.6.x | :white_check_mark: |
+| 0.6.x | daemon@0.5.x | :x:                |
+| 0.5.x | daemon@0.4.x | :x:                |
+
+## Reporting a Vulnerability
+
+Please reach out directly to any project team member on Discord when reporting a security vulnerability, or you can send an email to `dane [ät] pterodactyl.io`.
+
+We make every effort to respond as soon as possible, although it may take a day or two for us to sync internally and determine the severity of the report and its impact. Please, _do not_ use a public facing channel or GitHub issues to report sensitive security issues.
+
+As part of our process, we will create a security advisory for the affected versions and disclose it publicly, usually two to four weeks after a releasing a version that addresses it.