Closes #19383: Extend security policy to provide guidance on compliance reporting

2025-07-13 00:34:52 -06:00 · 2025-05-02 09:21:27 -04:00 · 2025-05-02 09:21:27 -04:00 · 7cd5dc0c84
commit 7cd5dc0c84
parent aea51df06c
1 changed files with 6 additions and 0 deletions
--- a/SECURITY.md
+++ b/SECURITY.md
@ -14,6 +14,12 @@ Administrators are encouraged to adhere to industry best practices concerning th
 * Prohibit access to your database from clients other than the NetBox application
 * Keep your deployment updated to the most recent stable release

+## Compliance Reporting
+
+Please note that security compliance reports (e.g. SOC 2) are provided by NetBox Labs only to customers using NetBox Cloud or NetBox Enterprise. They are not available to users of self-hosted NetBox Community Edition.
+
+If you would like to consider upgrading to NetBox Cloud or Enterprise, please contact `sales@netboxlabs.com`.
+
 ## Reporting a Suspected Vulnerability

 If you believe you've uncovered a security vulnerability and wish to report it confidentially, you may do so by emailing `security@netboxlabs.com`. Please ensure that your report meets all the following conditions: