From 6c58ac39cd6b2d5497b4598f81254acce02023d8 Mon Sep 17 00:00:00 2001
From: Faisal Salman <f@faisalman.com>
Date: Thu, 13 Apr 2023 05:58:06 +0700
Subject: [PATCH] Update security policy

---
 security.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/security.md b/security.md
index de525bb..d1f40fe 100644
--- a/security.md
+++ b/security.md
@@ -2,4 +2,6 @@
 
 ## Reporting a Vulnerability
 
-Please report security issues to `f@faisalman.com`
+To report a security issue, please email `f@faisalman.com` with a description of the issue, reproducible steps to get the issue, affected versions, and, if known, mitigations for the issue.
+
+If the issue is confirmed as a vulnerability, we will open a new security advisory draft in our GitHub's Security Advisory page [https://github.com/faisalman/ua-parser-js/security/advisories](https://github.com/faisalman/ua-parser-js/security/advisories) and acknowledge your contributions as part of it. This project follows a 90 days disclosure timeline.
\ No newline at end of file