# Security

## Reporting Security Issues

**Please do not report security vulnerabilities through public GitHub issues.**

The easiest way to report a security issue is privately through GitHub [here](https://github.com/IBM/sarama/security/advisories/new).

See [Privately reporting a security vulnerability](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability) for full instructions.

Alternatively, you can report them via e-mail or anonymous form to the IBM Product Security Incident Response Team (PSIRT) following the guidelines under the [IBM Security Vulnerability Management](https://www.ibm.com/support/pages/ibm-security-vulnerability-management) pages.