Add security policy guidelines

Add basic information about process for reporting security vulnerabilities in Espressif solutions. This filename is recognized by GitHub: https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository
2022-06-24 11:11:38 +08:00 · 2022-06-24 11:11:38 +08:00 · ca61d6e2af
commit ca61d6e2af
--- a/SECURITY.md
+++ b/SECURITY.md
@ -0,0 +1,9 @@
+# Security Policy
+
+## Supported Versions
+
+Please refer to https://docs.espressif.com/projects/esp-idf/en/latest/esp32/versions.html#support-periods for more details on ESP-IDF supported versions and support period policy.
+
+## Reporting a Vulnerability
+
+If you think you have found a security vulnerability in Espressif solutions (including ESP-IDF), then please send an email to our Bug Bounty team at bugbounty@espressif.com. Please do **NOT** create a public GitHub issue.