Update SECURITY.md (#15)

SECURITY.md

@@ -1,20 +1,24 @@
 # Security Policy
 
+## For external contributors
 
-## Reporting a Vulnerability
+If you want to report any security vulnerabilities please do so by creating an [issue](https://github.com/kununu/kununu-scripts/issues).
+Additionally, if you have a fix then please create a pull request and link it to the issue you have created.
 
-Jira is our entrypoint to report security vulnerabilities. Having this mind a KUNSECU user story (type Vulnerability) needs to be created. 
+## For kununu developers
 
-### How to fill the user story? 
+### Reporting a Vulnerability
 
-Follow this [documentation](https://confluence.xing.hh/pages/viewpage.action?pageId=381133070).
+Jira is our entrypoint to report security vulnerabilities. Having this mind a KUNSECU user story (type Vulnerability) needs to be created.
+
+#### How to fill the user story?
 
+Follow this [documentation](https://confluence.xing.hh/pages/viewpage.action?pageId=381133070).
 
-### To which team do I assign the user story? 
+#### To which team do I assign the user story?
 
 Follow the [component ownership matrix](https://confluence.xing.hh/display/kununu/Component+ownership+and+support) and assign it to the corresponding team.
 
-
 ## Reporting the update of dependencies
 
-This is the benefit of having Dependabot. It will open pull requests for security and version updates. For more information check the Github [documentation](https://docs.github.com/en/github/administering-a-repository/managing-pull-requests-for-dependency-updates).
+This is the benefit of having Dependabot. It will open pull requests for security and version updates. For more information check the Github [documentation](https://docs.github.com/en/github/administering-a-repository/managing-pull-requests-for-dependency-updates).