Add a security policy
We need to add a SECURITY.md to outline the steps to take when reporting security related incidents.
This should contain the best practices of the project as well as guiding contributors to raise confidential issues in case there is a security problem with the library.