From eed2c78eb341807b91838f8e14112df1af4a7ec8 Mon Sep 17 00:00:00 2001
From: James Brown <33660060+jamesbr3@users.noreply.github.com>
Date: Thu, 23 May 2019 15:52:42 +0100
Subject: [PATCH] CORDA-2958 Security policy for corda

---
 SECURITY.md | 23 +++++++++++++----------
 1 file changed, 13 insertions(+), 10 deletions(-)

diff --git a/SECURITY.md b/SECURITY.md
index ec80c0a0c4..1ab8dca081 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -1,18 +1,21 @@
 # Security Policy
 
+## Reporting a Vulnerability
+
+Vulnerabilities in Corda can be reported by following the Corda responsible disclosure policy:
+
+https://www.corda.net/participate/security.html
+
+## Security Advisories
+
+Security announcements affecting Corda will be published on the Corda mailing list. People can subscribe to corda-announce@groups.io to receive security updates when they are made available.
+
 ## Supported Versions
 
-Security updates will be made for the following versions of Corda:
+Security updates are made for the latest version of Corda.
 
 | Version | Supported          |
 | ------- | ------------------ |
 | 4.x     | :white_check_mark: |
-| 3.3.x   | :white_check_mark: |
-| < 3.3   | :x:                |
-
-## Reporting a Vulnerability
-
-Vulnerabilities in Corda can be reported by following the responsible disclosure policy:
-
-https://www.corda.net/participate/security.html
-
+| 3.x     | :x:                |
+| < 3     | :x:                |