From 53a4116685a2b8365bf5960e87da82fb2a3ed49c Mon Sep 17 00:00:00 2001
From: Pavol Rusnak <pavol@rusnak.io>
Date: Thu, 6 Jun 2019 19:50:57 +0200
Subject: [PATCH] add SECURITY.md

---
 SECURITY.md | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 000000000..e3ad43a23
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,16 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+To report security issues send an email to security@satoshilabs.com (this is not a support email!).
+
+The following keys may be used to communicate sensitive information to developers:
+
+| Name | Fingerprint |
+|------|-------------|
+| Marek Palatinus | 86E6792FC27BFD478860C11091F3B339B9A02A3D |
+| Pavol Rusnak    | 71B5A80A63FE12B0D74DABBFE4A883364AAF6E16 |
+
+You can import a key by running the following command with that individual’s fingerprint: `gpg --recv-keys <fingerprint>`.
+
+More info about our Responsible Disclosure program is available from https://trezor.io/security/