Update README.md, SECURITY.md

README.md

@@ -945,3 +945,19 @@ needed_disk_space = retention_time_seconds * ingested_samples_per_second * bytes
 ```
 
 Roughly, Oracle Database Monitor System has 100 samples every 1 minute, meaning 1.67 samples per second on average. You could base on your retention time to determine the capacity of the server.
+
+## Contributing
+
+This project welcomes contributions from the community. Before submitting a pull request, please [review our contribution guide](./CONTRIBUTING.md)
+
+## Security
+
+Please consult the [security guide](./SECURITY.md) for our responsible security vulnerability disclosure process
+
+## License
+
+Copyright (c) 2021, 2023 Oracle and/or its affiliates.
+
+Released under the Universal Permissive License v1.0 as shown at
+<https://oss.oracle.com/licenses/upl/>.
+

SECURITY.md

@@ -1,32 +1,36 @@
-# Reporting Security Vulnerabilities
+# Reporting security vulnerabilities
 
-Oracle values the independent security research community, and believes that
-responsible disclosure of security vulnerabilities helps us to ensure the security
-and privacy of all of our users.
+Oracle values the independent security research community and believes that
+responsible disclosure of security vulnerabilities helps us ensure the security
+and privacy of all our users.
 
 Please do NOT raise a GitHub Issue to report a security vulnerability. If you
-believe you have found a security vulnerability, then please submit a report to
+believe you have found a security vulnerability, please submit a report to
 [[email protected]][1] preferably with a proof of concept. Please review
 some additional information on [how to report security vulnerabilities to Oracle][2].
-Oracle encourages anyone who contacts Oracle Security to use email encryption, using
+We encourage people who contact Oracle Security to use email encryption using
 [our encryption key][3].
 
-Please do not use other channels, or contact the project maintainers
+We ask that you do not use other channels or contact the project maintainers
 directly.
 
-For non-vulnerability related security issues, including ideas for new or improved
-security features, you are welcome to post these as GitHub Issues.
+Non-vulnerability related security issues including ideas for new or improved
+security features are welcome on GitHub Issues.
 
-## Security Updates, Alerts and Bulletins
+## Security updates, alerts and bulletins
 
-Oracle issues security updates on a regular cadence. Many of our projects typically include release security fixes in conjunction with the [Oracle Critical Patch Update][3] program. Security updates are released on the
-Tuesday closest to the 17th day of January, April, July and October. A pre-release announcement will be published on the Thursday preceding each release. Additional information, including past advisories, is available on our [security alerts][4]
+Security updates will be released on a regular cadence. Many of our projects
+will typically release security fixes in conjunction with the
+Oracle Critical Patch Update program. Additional
+information, including past advisories, is available on our [security alerts][4]
 page.
 
-## Security-Related Information
+## Security-related information
 
-Oracle will provide security-related information in our documentation. The information can be a threat model, best practices for secure use, or any known security issues. Please note
-that labs and example code are intended to demonstrate a concept. These examples should not be used for production use without ensuring that the code is hardened, and in compliance with common security practices.
+We will provide security related information such as a threat model, considerations
+for secure use, or any known security issues in our documentation. Please note
+that labs and sample code are intended to demonstrate a concept and may not be
+sufficiently hardened for production use.
 
 [1]: mailto:[email protected]
 [2]: https://www.oracle.com/corporate/security-practices/assurance/vulnerability/reporting.html