Security Policy Reporting a Vulnerability Create a draft advisory to notify of vulnerabilities, false positives, false negatives, etc.