bluenviron
diff --git a/‎.github/workflows/release.yml‎
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/release.yml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎SECURITY.md‎
Lines changed: 2 additions & 2 deletions b/‎SECURITY.md‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎docs/4-other/3-security.md‎
Lines changed: 21 additions & 0 deletions b/‎docs/4-other/3-security.md‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎docs/4-other/3-specifications.md‎ renamed to ‎docs/4-other/4-specifications.md‎ b/‎docs/4-other/3-specifications.md‎ renamed to ‎docs/4-other/4-specifications.md‎
diff --git a/‎docs/4-other/4-related-projects.md‎ renamed to ‎docs/4-other/5-related-projects.md‎ b/‎docs/4-other/4-related-projects.md‎ renamed to ‎docs/4-other/5-related-projects.md‎
@@ -62,8 +62,8 @@ jobs:
             + `\n`
             + `## Security\n`
             + `\n`
-            + `Binaries have been produced by the [Release workflow](https://github.com/${owner}/${repo}/actions/workflows/release.yml)`
-            + ` without human intervention.\n`
+            + `Binaries are compiled from source through the [Release workflow](https://github.com/${owner}/${repo}/actions/workflows/release.yml) without human intervention,`
+            + ` preventing any external interference.`
             + `\n`
             + 'You can verify that binaries have been produced by the workflow by using [GitHub Attestations](https://docs.github.com/en/actions/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-builds):\n'
             + `\n`
 
@@ -1,3 +1,3 @@
-# Security Policy
+# Security
 
-Vulnerabilities can be reported privately by using the [Security Advisory](https://github.com/bluenviron/mediamtx/security/advisories/new) feature of GitHub.
+Check the [Security page](https://mediamtx.org/docs/other/security) on the website.
@@ -0,0 +1,21 @@
+# Security
+
+## Reporting vulnerabilities
+
+Vulnerabilities can be reported privately by using the [Security Advisory](https://github.com/bluenviron/mediamtx/security/advisories/new) feature of GitHub.
+
+## Binaries
+
+Binaries are compiled from source through the [Release workflow](https://github.com/bluenviron/mediamtx/actions/workflows/release.yml) without human intervention, preventing any external interference.
+
+You can verify that binaries have been produced by the workflow by using [GitHub Attestations](https://docs.github.com/en/actions/security-for-github-actions/using-artifact-attestations/using-artifact-attestations-to-establish-provenance-for-builds):
+
+```sh
+ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx
+```
+
+You can verify the binaries checksum by downloading `checksums.sha256` and running:
+
+```sh
+cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check
+```