From 6fc66e1676195ec598f8bb96d887a369fc28a0b9 Mon Sep 17 00:00:00 2001 From: Viktor Petersson Date: Tue, 30 Jul 2024 18:24:13 +0100 Subject: [PATCH] SECURITY: mention OpenSSF best practices gold badge Closes #14319 --- SECURITY.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/SECURITY.md b/SECURITY.md index dbce1b52ac..fca756dabf 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -14,3 +14,14 @@ If you have found or just suspect a security problem somewhere in curl or libcurl, report it on [HackerOne](https://hackerone.com/curl). We treat security issues with confidentiality until controlled and disclosed responsibly. + +## OpenSSF Scorecard + +curl has earned Gold status on the OpenSSF Best Practices, reflecting its adherence to +rigorous security and best practice standards. This achievement highlights curl's +comprehensive documentation, secure development processes, effective change control +mechanisms, and strong maintenance routines. Meeting these criteria demonstrates curl's +commitment to security and reliability, ensuring the project's sustainability and +trustworthiness. This recognition by OpenSSF underscores curl's role as a leader in +open-source software practices. More information can be found on +their [OpenSSF page](https://www.bestpractices.dev/projects/63). -- 2.47.3
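Review bot: the added heading `## OpenSSF Scorecard` does not match the paragraph under it or the commit subject, both of which describe the OpenSSF Best Practices gold badge. Scorecard is a separate OpenSSF project, so a reader of SECURITY.md would look for a Scorecard result that the section never gives. Suggest renaming the heading to `## OpenSSF Best Practices`. In the first added sentence, "Gold status on the OpenSSF Best Practices" is missing its noun ("badge" or "badge program"). In the last sentence, "their [OpenSSF page]" has no clear antecedent, and something like "the project's [OpenSSF Best Practices page]" would read better. The closing claims ("ensuring the project's sustainability and trustworthiness", "a leader in open-source software practices") say more than the badge itself attests. For a security policy file it would be tighter to state that the gold criteria are met and link to the entry.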