# Security Policy

At @caos we are extremely grateful for security aware people that disclose vulnerabilities to us and the Open Source Community. All reports are thoroughly investigated by our engineering team.

## Supported Versions

After the initial Release the following version support will aplly

| Version | Supported                               |
| ------- | ------------------                      |
| 1.x.x   | :white_check_mark: (note yet available) |
| 0.x.x   | :x:                                     |

## Reporting a vulnerability

To file a incident, please disclose by email to security@caos.ch a list with the security details.

At the moment GPG encryption is no yet supported, however you may sign your message at will.

### When should I report a vulnerability?

### When should I NOT report a vulnerability?

## Security Vulnerability Response

## Public Disclosure Timing