Security note (#3646)

Author: 0kok0

docs/the_nimbus_book/src/SUMMARY.md

@@ -48,6 +48,12 @@
 - [Migrate from another client](./migration.md)
 - [Validate with a Raspberry Pi](./pi-guide.md)
 
+# Security
+- [Security Issues / Responsible Disclosure](./security_issues.md)
+- [Security Audit](./audit.md)
+- [Reproducible Builds](./distribution_internals.md)
+
+
 # Downloads
 - [Download binaries](./binaries.md)
 - [Download Docker images](./docker.md)
@@ -62,7 +68,5 @@
 - [For developers](./developers.md)
 - [Contribute](./contribute.md)
 - [Resources](./resources.md)
-- [Binary distribution internals](./distribution_internals.md)
 - [Prater testnet](./prater.md)
-- [Security Audit](./audit.md)
 - [FAQ](./faq.md)

docs/the_nimbus_book/src/security_issues.md

@@ -0,0 +1,24 @@
+## Security related issues
+**For any security related issues, follow responsible disclosure standards. Do not file public issues.**
+
+
+*Please file a report at the ethereum [bug bounty program](https://ethereum.org/en/bug-bounty/) in order to receive a reward for your findings.*
+
+
+*When in doubt, please send an encrypted email to [email protected] and ask ([gpg key](https://github.com/status-im/status-security/blob/master/pgp-keys/security%40status.im.asc)).*
+
+
+*Security related issues are (sufficient but not necessary criteria):*
+
+- Soundness of protocols (consensus model, p2p protocols): consensus liveness and integrity. 
+- Errors and failures in the cryptographic primitives 
+- RCE vulnerabilities
+- Any issues causing consensus splits from the rest of the network
+- Denial of service (DOS) vectors
+- Broken Access Control 
+- Memory Errors
+- Security Misconfiguration
+- Vulnerable Dependencies 
+- Authentication Failures 
+- Data Integrity Failures
+- Logging and Monitoring Vulnerabilities