Update SECURITY.md

h3rrr · ericspod · web-flow · commit 7160338285ed · 2025-09-08T12:48:38.000+08:00
Co-authored-by: Eric Kerfoot &lt;17726042+ericspod@users.noreply.github.com&gt;
Signed-off-by: h3rrr &lt;81402797+h3rrr@users.noreply.github.com&gt;
diff --git a/SECURITY.md b/SECURITY.md
@@ -1,5 +1,23 @@
 # Security Policy
 
+## Reporting a Vulnerability
+MONAI takes security seriously and appreciate your efforts to responsibly disclose vulnerabilities. If you discover a security issue, please report it as soon as possible.
+
+To report a security issue:
+* please use the GitHub Security Advisories tab to "[Open a draft security advisory](https://github.com/Project-MONAI/MONAI/security/advisories/new)".
+* Include a detailed description of the issue, steps to reproduce, potential impact, and any possible mitigations.
+* If applicable, please also attach proof-of-concept code or screenshots.
+* We aim to acknowledge your report within 72 hours and provide a status update as we investigate.
+* Please do not create public issues for security-related reports.
+
+## Disclosure Policy
+* We follow a coordinated disclosure approach.
+* We will not publicly disclose vulnerabilities until a fix has been developed and released.
+* Credit will be given to researchers who responsibly disclose vulnerabilities, if requested.
+
+## Acknowledgements
+We greatly appreciate contributions from the security community and strive to recognize all researchers who help keep MONAI safe.
+
 # Reporting a Vulnerability
 At MONAI, we take security seriously and appreciate your efforts to responsibly disclose vulnerabilities. If you discover a security issue, please report it as soon as possible.
 
