# Security Policy
- [Security Policy](#security-policy)
- [Reporting security problems](#reporting-security-problems)
- [Vulnerability Management Plans](#vulnerability-management-plans)
- [Critical Updates And Security Notices](#critical-updates-and-security-notices)
## Reporting security problems
**DO NOT CREATE AN ISSUE** to report a security problem. Instead, please
send an email to cncf-ExternalSecretsOp-maintainers@lists.cncf.io
## Vulnerability Management Plans
### Critical Updates And Security Notices
We learn about critical software updates and security threats from these sources
1. GitHub Security Alerts
2. [Dependabot](https://dependabot.com/) Dependency Updates