Improve Security Policy score (#42481)

author Julien Déramond <juderamond@gmail.com>

Mon, 8 Jun 2026 04:33:04 +0000 (06:33 +0200)

committer Julien Déramond <juderamond@gmail.com>

Mon, 8 Jun 2026 04:33:51 +0000 (06:33 +0200)
author Julien Déramond <juderamond@gmail.com>
Mon, 8 Jun 2026 04:33:04 +0000 (06:33 +0200)
committer Julien Déramond <juderamond@gmail.com>
Mon, 8 Jun 2026 04:33:51 +0000 (06:33 +0200)
diff --git a/SECURITY.md b/SECURITY.md

index e79dcd8d203853e96a0bba02e48f0907f303a132..63dbdb16399193c798a7812fe3b4fe544434c692 100644 (file)
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -4,4 +4,6 @@ The Bootstrap team and community take security issues in Bootstrap seriously. We
  
  To report a security issue, email [security@getbootstrap.com](mailto:security@getbootstrap.com) and include the word "SECURITY" in the subject line.
  
-We'll endeavor to respond quickly, and will keep you updated throughout the process.
+We'll endeavor to respond quickly, and will keep you updated throughout the process. We aim to acknowledge vulnerability reports within 3 business days and will coordinate disclosure timelines with reporters before publishing any details.
+
+For details on how we handle incidents, see our [Incident Response Plan](.github/INCIDENT_RESPONSE.md).
author	Julien Déramond <juderamond@gmail.com>
	Mon, 8 Jun 2026 04:33:04 +0000 (06:33 +0200)
committer	Julien Déramond <juderamond@gmail.com>
	Mon, 8 Jun 2026 04:33:51 +0000 (06:33 +0200)