Skip to content

Commit 536e5ce

Browse files
rfk-ncrfk-nc
authored
docs: Revise .git/SECURITY.md to be aligned with version in project root (#1894)
Revise SECURITY.md for clarity and formatting Update the .git SECURITY.md file to be aligned with that in project root.
1 parent 3cdba45 commit 536e5ce

1 file changed

Lines changed: 9 additions & 21 deletions

File tree

.github/SECURITY.md

Lines changed: 9 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -1,35 +1,23 @@
11
# Security
22

3-
NHS England takes security and the protection of private data extremely seriously. If you believe you have found a vulnerability or other issue which has compromised or could compromise the security of any of our systems and/or private data managed by our systems, please do not hesitate to contact us using the methods outlined below.
3+
We take security and the protection of private data extremely seriously. If you believe you have found a vulnerability or other issue which has compromised or could compromise the security of any of our systems or private data managed by our systems, please do not hesitate to contact us using the method outlined below.
44

5-
## Table of Contents
5+
## Table of contents
66

77
- [Security](#security)
8-
- [Table of Contents](#table-of-contents)
8+
- [Table of contents](#table-of-contents)
99
- [Reporting a vulnerability](#reporting-a-vulnerability)
10-
- [Email](#email)
11-
- [NCSC](#ncsc)
12-
- [General Security Enquiries](#general-security-enquiries)
10+
- [General security enquiries](#general-security-enquiries)
1311

1412
## Reporting a vulnerability
1513

16-
Please note, email is our preferred method of receiving reports.
14+
If you believe you have found a security issue in this repository, please report it using GitHub's private vulnerability reporting:
1715

18-
### Email
16+
1. [Report a vulnerability](https://github.com/NHSDigital/software-engineering-quality-framework/security/advisories/new)
17+
2. Provide details of the issue and steps to reproduce
1918

20-
If you wish to notify us of a vulnerability via email, please include detailed information on the nature of the vulnerability and any steps required to reproduce it.
19+
This creates a private channel for discussion and allows us to coordinate a fix before any public disclosure.
2120

22-
You can reach us at:
23-
24-
- _[ A product team email address ]_
25-
- [cybersecurity@nhs.net](cybersecurity@nhs.net)
26-
27-
### NCSC
28-
29-
You can send your report to the National Cyber Security Centre, who will assess your report and pass it on to NHS England if necessary.
30-
31-
You can report vulnerabilities here: [https://www.ncsc.gov.uk/information/vulnerability-reporting](https://www.ncsc.gov.uk/information/vulnerability-reporting)
32-
33-
## General Security Enquiries
21+
## General security enquiries
3422

3523
If you have general enquiries regarding our cybersecurity, please reach out to us at [cybersecurity@nhs.net](cybersecurity@nhs.net)

0 commit comments

Comments
 (0)