From 3eedc793f1b47ec5d737d399103c287fe59ff650 Mon Sep 17 00:00:00 2001
From: htuch <htuch@users.noreply.github.com>
Date: Wed, 31 Jul 2019 16:38:25 -0400
Subject: [PATCH] security: add IBM to distributors, clarify policy. (#7781)

Signed-off-by: Harvey Tuch <htuch@google.com>
---
 SECURITY.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/SECURITY.md b/SECURITY.md
index 1a11b6e157f4..9fff3ca28cc3 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -329,7 +329,8 @@ customers, of which approximately 400 are using Seven in production. [links]
 We announce on our blog all upstream patches we apply to "Seven." [link to blog
 posts]
 
-> 4. Not be a downstream or rebuild of another distribution.
+> 4. Not be a downstream or rebuild of another distribution. If you offer Envoy as a publicly
+>    available infrastructure or platform service, this condition does not need to apply.
 
 This does not apply, "Seven" is a unique snowflake distribution.
 
@@ -376,6 +377,7 @@ CrashOverride will vouch for the "Seven" distribution joining the distribution l
 | vulnerabilityreports@cloudfoundry.org     | Cloud Foundry |
 | secalert@datawire.io                      | Datawire      |
 | google-internal-envoy-security@google.com | Google        |
+| argoprod@us.ibm.com                       | IBM           |
 | vulnerabilities@discuss.istio.io          | Istio         |
 | secalert@redhat.com                       | Red Hat       |
 | envoy-security@solo.io                    | solo.io       |