From 49cec3e9b27e517ac5ea5db5482c59f937e6aea4 Mon Sep 17 00:00:00 2001 From: AniruddhaKanhere <60444055+AniruddhaKanhere@users.noreply.github.com> Date: Mon, 22 Jun 2026 14:52:21 -0700 Subject: [PATCH] docs: link FreeRTOS kernel threat model in SECURITY.md --- .github/SECURITY.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.github/SECURITY.md b/.github/SECURITY.md index 1472c0c86..83ca1bbe8 100644 --- a/.github/SECURITY.md +++ b/.github/SECURITY.md @@ -1,3 +1,13 @@ +## Threat model + +Before reporting an issue, please review the FreeRTOS kernel threat model. It +describes the security assumptions the kernel makes, which threats are in scope, +and the protections the kernel does and does not provide. Understanding these +boundaries helps determine whether an observed behavior is a security +vulnerability or expected, documented behavior. + +- [FreeRTOS Kernel Threat Model](https://www.freertos.org/Security/02-Kernel-threat-model) + ## Reporting a Vulnerability If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security
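Review bot: The opening sentence of the added "## Threat model" section, "Before reporting an issue, please review the FreeRTOS kernel threat model", gives no guidance to a reporter who has read the threat model and is still unsure whether a behavior is in scope. Because the section sits above "## Reporting a Vulnerability", it also pushes the reporting instructions further down the file. Suggest adding one sentence saying that uncertain cases should still be reported through the process described under "Reporting a Vulnerability". Consider moving the new section below that heading so the contact path stays first in the file. As a style point, the single-item bullet list could be folded into the paragraph as an inline link.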