Setup security scanning / dependabot

# Desired Behavior

Need to leverage GitHub scanning / dependabot v2.
Need to have a `SECURITY.md` file so that contributors are aware of all KNOWN KNOWNS and KNOWN UNKNOWNS.

![image](https://user-images.githubusercontent.com/552515/87253304-d1333800-c43f-11ea-9af1-c6bfe3440d54.png)

At a minimum:
* Security Policy
* Security Advisories
* Dependabot Alerts
* Code Scanning

# Benefits

* Users will have a report of clear list of actions taken on security reports issued by agencies AND
* Contributors have a clear process on how to take action on vulnerability alerts.
* Both Users and Contributors can TRUST the software to be as free as possible from known vulnerabilities

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Setup security scanning / dependabot #252

Desired Behavior

Benefits

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Setup security scanning / dependabot #252

Description

Desired Behavior

Benefits

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions