Add SECURITY.md (#540)

### Add SECURITY.md

### Linked issues
NA

### Summarize your change.

Add SECURITY.md

### Describe the reason for the change.

Adding a security policy to Open RV

### Describe what you have tested and on which operating system.

### Add a list of changes, and note any that might need special
attention during the review.

### If possible, provide screenshots.

Signed-off-by: Bernard Laberge <[email protected]>

Author: bernie-laberge

SECURITY.md

@@ -0,0 +1,28 @@
+# Security and Open RV
+
+The Open RV Technical Steering Committee (TSC) takes security very
+seriously. We strive to design secure software, and utilize continuous 
+integration and code analysis tools to help identify potential 
+vulnerabilities.
+
+Users should exercise caution when working with untrusted data (Open RV
+session files, external Open RV packages, external Open RV movie and image 
+plugins, etc.). Open RV takes every precaution to read only valid data, but it 
+would be naive to say our code is immune to every exploit.
+
+## Reporting Vulnerabilities
+
+Quickly resolving security related issues is a priority. 
+To report a security issue, please use the GitHub Security Advisory ["Report a Vulnerability"](https://github.com/AcademySoftwareFoundation/OpenRV/security/advisories/new) tab.
+
+Include detailed steps to reproduce the issue, and any other information that
+could aid an investigation. Someone will assess the report and make every
+effort to respond within 14 days.
+
+## Outstanding Security Issues
+
+None
+
+## Addressed Security Issues
+
+None