[DOC] Add security policy file (#62)

MacOS · web-flow · commit e1f681e32ccb · 2025-04-15T09:41:54.000+02:00
doc(security): add security policy file
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,17 @@
+<!--
+SPDX-FileCopyrightText: 2025 Deutsche Telekom AG
+
+SPDX-License-Identifier: CC0-1.0
+-->
+
+# Security Policy
+
+## Reporting a Vulnerability
+
+If you have discovered a security vulnerability in this project, please report it privately. **Do not disclose it as a public issue.** 
+This gives us time to work with you to fix the issue before public exposure, reducing the chance that the exploit will be used before a patch is released.
+
+Please disclose it as a new [security issue](https://github.com/telekom/citykey-ios/security/advisories/new).
+
+This project is maintained by a dedicated team of Deutsche Telekom. 
+As such, please give us at least 30 days to work on a fix before public exposure.
