From 37c528b697226c1933b6a2177614a15647447cc4 Mon Sep 17 00:00:00 2001 From: mchammer01 <42146119+mchammer01@users.noreply.github.com> Date: Wed, 3 Mar 2021 11:46:27 +0000 Subject: [PATCH] started to look at the review from Security Lab folks --- .../about-disclosing-vulnerabilities.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/content/github/managing-security-vulnerabilities/about-disclosing-vulnerabilities.md b/content/github/managing-security-vulnerabilities/about-disclosing-vulnerabilities.md index bb7a4db383..d84ff3ec28 100644 --- a/content/github/managing-security-vulnerabilities/about-disclosing-vulnerabilities.md +++ b/content/github/managing-security-vulnerabilities/about-disclosing-vulnerabilities.md 
@@ -36,7 +36,9 @@ Publishing the details of a security vulnerability doesn't make maintainers look The process for reporting and disclosing vulnerabilities for projects on {% data variables.product.prodname_dotcom_the_website %} is as follows: - If you are a security researcher who would like report a vulnerability, first check if there is a security policy for the related repository. For more information, see "[About security policies](/github/managing-security-vulnerabilities/adding-a-security-policy-to-your-repository#about-security-policies)." If there is one, follow it to understand the process before contacting the security team for that repository. If there isn't a security policy for the repository, you may try to privately contact the maintainers based on information available in the _security.md_ file. + If you are a security researcher who would like report a vulnerability, first check if there is a security policy for the related repository. For more information, see "[About security policies](/github/managing-security-vulnerabilities/adding-a-security-policy-to-your-repository#about-security-policies)." If there is one, follow it to understand the process before contacting the security team for that repository. If there isn't a security policy for the repository, you may try to privately contact the maintainers: +- by looking at all the text files in the root directory. In some cases, the contact details may +- by creating an issue requesting contact details. {% note %}
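Review bot: the first added bullet is cut off mid-sentence ("In some cases, the contact details may") and needs to be completed before this can merge; as written, the rendered page will end the item on a dangling clause. Two further points on the same hunk: the new `- by looking at ...` / `- by creating an issue ...` lines are at the same indentation as the parent `- If you are a security researcher ...` item, so Markdown will render them as sibling top-level bullets rather than as the sub-list the trailing colon on the parent line implies; indent them by two spaces. The second bullet should also say that the issue must only request contact details and must not include any description of the vulnerability, since issues are public and the surrounding text is explicitly about contacting maintainers privately. Minor: "would like report a vulnerability" (present in both the `-` and `+` line) is missing "to", and this rewrite is a good opportunity to fix it.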