Rather than referencing the [Spring security policy](https://spring.io/security-policy), Steeltoe should have its own copy. Once published, update https://github.com/SteeltoeOSS/security-advisories to point to the Steeltoe version
Rather than referencing the Spring security policy, Steeltoe should have its own copy.
Once published, update https://github.com/SteeltoeOSS/security-advisories to point to the Steeltoe version