Fix nasa#63 Create Security Policy

SECURITY.md

@@ -0,0 +1,18 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+To report a vulnerability, submit the issue via Github in the subsystem it applies to.
+
+For the elf2cfetbl subsystem, the submit the issue in the elf2cfetbl, repository at https://github.com/nasa/elf2cfetbl/issues/new/choose.
+
+If you are not sure what subsystem it belongs to, then feel free to submit it at the general CFS level at https://github.com/nasa/cfs/issues/new/choose.
+
+In either case please use the "Bug Report" template and provide as much information as possible. Ensure to apply appropraite labels for each report. For security related reports, tag the issue with the "security" label.
+
+## Additional Support
+
+For additional support, reach out to cfs-community@lists.nasa.gov. This mailing list includes all community members/users of the NASA core Flight Software (cFS) product line.
+To subscribe to the mailing list, visit https://lists.nasa.gov/mailman/listinfo/cfs-community. The list will be used to communicate any information related to the cFS product such as current releases, bug findings and fixes, enhancement requests, community meeting notifications, sending out meeting minutes, etc.
+
+If you wish to report a cybersecurity incident or concern please contact the NASA Security Operations Center either by phone at 1-877-627-2732 or via email address soc@nasa.gov.