# Hyperledger Security Policy
## Reporting a Security Bug
If you think you have discovered a security issue in any of the Hyperledger projects, we'd love to
hear from you. We will take all security bugs seriously and if confirmed upon investigation we will
patch it within a reasonable amount of time and release a public security bulletin discussing the
impact and credit the discoverer.
If you have found what you think is a vulnerability in the code in this
repository, please email a description of the flaw and any related information
(e.g. reproduction steps, version) to
[security@hyperledger.org](mailto:security@hyperledger.org). If we agree with
your assessment, we'll open a GitHub security issue in the reposioty, and invite
you to collaborate towards resolving the issue.
The process by which the Hyperledger Security Team handles security bugs is documented further in
our [Defect Response page](https://wiki.hyperledger.org/display/SEC/Defect+Response) on our
[wiki](https://wiki.hyperledger.org).