From 882dbe62ad3411debb1ec6eb6d9f28a101e3a551 Mon Sep 17 00:00:00 2001 From: Glenn Jocher Date: Mon, 29 May 2023 01:52:52 +0200 Subject: [PATCH] Update security policy (#2884) --- docs/SECURITY.md | 27 ++++++++++----------------- 1 file changed, 10 insertions(+), 17 deletions(-) diff --git a/docs/SECURITY.md b/docs/SECURITY.md index afbbf28..31eb007 100644 --- a/docs/SECURITY.md +++ b/docs/SECURITY.md @@ -1,32 +1,25 @@ --- -description: Learn how Ultralytics prioritize security. Get insights into Snyk and GitHub CodeQL scans, and how to report security issues in YOLOv8. +description: Ensure robust security with Ultralytics' open-source projects. We use advanced vulnerability scans and actively address potential risks. Your safety is our priority. --- # Security Policy -At [Ultralytics](https://ultralytics.com), the security of our users' data and systems is of utmost importance. To -ensure the safety and security of our [open-source projects](https://github.com/ultralytics), we have implemented -several measures to detect and prevent security vulnerabilities. - -[![ultralytics](https://snyk.io/advisor/python/ultralytics/badge.svg)](https://snyk.io/advisor/python/ultralytics) +At [Ultralytics](https://ultralytics.com), the security of our users' data and systems is of utmost importance. To ensure the safety and security of our [open-source projects](https://github.com/ultralytics), we have implemented several measures to detect and prevent security vulnerabilities. ## Snyk Scanning -We use [Snyk](https://snyk.io/advisor/python/ultralytics) to regularly scan the YOLOv8 repository for vulnerabilities -and security issues. Our goal is to identify and remediate any potential threats as soon as possible, to minimize any -risks to our users. +We use [Snyk](https://snyk.io/advisor/python/ultralytics) to regularly scan all Ultralytics repositories for vulnerabilities and security issues. Our goal is to identify and remediate any potential threats as soon as possible, to minimize any risks to our users. + +[![ultralytics](https://snyk.io/advisor/python/ultralytics/badge.svg)](https://snyk.io/advisor/python/ultralytics) ## GitHub CodeQL Scanning -In addition to our Snyk scans, we also use -GitHub's [CodeQL](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql) -scans to proactively identify and address security vulnerabilities. +In addition to our Snyk scans, we also use GitHub's [CodeQL](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql) scans to proactively identify and address security vulnerabilities across all Ultralytics repositories. + +[![CodeQL](https://github.com/ultralytics/ultralytics/actions/workflows/codeql.yaml/badge.svg)](https://github.com/ultralytics/ultralytics/actions/workflows/codeql.yaml) ## Reporting Security Issues -If you suspect or discover a security vulnerability in the YOLOv8 repository, please let us know immediately. You can -reach out to us directly via our [contact form](https://ultralytics.com/contact) or -via [security@ultralytics.com](mailto:security@ultralytics.com). Our security team will investigate and respond as soon -as possible. +If you suspect or discover a security vulnerability in any of our repositories, please let us know immediately. You can reach out to us directly via our [contact form](https://ultralytics.com/contact) or via [security@ultralytics.com](mailto:security@ultralytics.com). Our security team will investigate and respond as soon as possible. -We appreciate your help in keeping the YOLOv8 repository secure and safe for everyone. \ No newline at end of file +We appreciate your help in keeping all Ultralytics open-source projects secure and safe for everyone. \ No newline at end of file