Skip to main content
Warning

The github.com/department-of-veterans-affairs organization is being sunset and all users and repositories are migrating to va.ghe.com (GHEC-US). See migrations for more information.

Security Policy

A Security Policy is a repository’s `SECURITY.MD` file which describes everything auditors and users need to report a potential vulnerability.

The recommendation is that every repository containing code has a Security.md file.

Examples

image of security policy with text

image of security policy with table

Create a policy

To create a security policy from the template

  1. Navigate to your repository on GitHub
  2. Click on the “Security” tab
    Security tab
  3. Click on “Setup a security policy”
    Security policy template

Return to Guides