Create SECURITY.md (#92)

Author: lucacome

SECURITY.md

@@ -0,0 +1,16 @@
+# Security Policy
+
+## Supported Versions
+
+We advise users to run the most recent release of the NGINX Ingress Operator, and we issue software updates to the most recent release. We provide technical support for F5 customers who are using the most recent version of the NGINX Ingress Operator, and any version released within two years of the current release.
+
+For more information visit https://docs.nginx.com/nginx-ingress-controller/technical-specifications/
+
+## Reporting a Vulnerability
+
+The F5 Security Incident Response Team (F5 SIRT) has an email alias that makes it easy to report potential security vulnerabilities.
+
+- If you’re an F5 customer with an active support contract, please contact [F5 Technical Support](https://www.f5.com/services/support).
+- If you aren’t an F5 customer, please report any potential or current instances of security vulnerabilities with any F5 product to the F5 Security Incident Response Team at [email protected]
+
+For more information visit https://www.f5.com/services/support/report-a-vulnerability