| # Security Policy |
| |
| ## Reporting a Vulnerability |
| |
| Please report suspected security vulnerabilities privately to the Apache |
| Security Team at <security@apache.org>, following the ASF process at |
| <https://www.apache.org/security/>. Do not open public GitHub issues or pull |
| requests for security reports. |
| |
| ## Security Model |
| |
| This repository is part of the Apache Cassandra project. The project's |
| security model - what is in and out of scope, the trust boundaries it |
| assumes, the security properties it provides and disclaims, and how findings |
| are triaged - is documented in the main apache/cassandra repository: |
| |
| https://github.com/apache/cassandra/blob/trunk/doc/modules/cassandra/pages/reference/security-model.adoc |