🏡 index : github.com/captn3m0/skills-introduction-to-repository-management.git

Diff

 SECURITY.md | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..5c4ac85 100644
--- /dev/null
+++ a/SECURITY.md
@@ -1,0 +1,28 @@
# Mergington High School Security Policy

## Reporting a Vulnerability

At Mergington High, we take the security of our Extra-Curricular Activities website seriously, especially
since it contains student information. If you discover a security vulnerability, please follow these steps:

1. **Do not** create an issue on this repository, disclose the vulnerability publicly, or discuss it with other teachers/students.
1. In the top navigation of this repository, click the **Security** tab.
1. In the top right, click the **Report a vulnerability** button.
1. Fill out the provided form. It will request information like:
   - A description of the vulnerability
   - Steps to reproduce the issue
   - Potential impact on student data or website functionality
   - Suggested fix (if you have one)
1. Email the IT Club faculty advisor at techsupport@mergingtonhigh.example.edu and inform them you have made a report. **Do not** include any vulnerability details.

## Response Timeline

- We will acknowledge receipt of your report within 2 school days
- We will provide an initial assessment within 5 school days
- Critical issues affecting student data will be addressed immediately
- We will create a private fork to solve the issue and invite you as a collaborator so you can see our progress and contribute.

## Thank You

Your help in keeping our school's digital resources secure is greatly appreciated!
Responsible disclosure of security vulnerabilities helps protect our entire school community.