diff --git a/.github/SECURITY.md b/.github/SECURITY.md
new file mode 100644
index 00000000..580987a5
--- /dev/null
+++ b/.github/SECURITY.md
@@ -0,0 +1,7 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+In order for the vulnerability reports to reach maintainers as soon as possible, the preferred way is to use the "Report a vulnerability" button under the "Security" tab of the associated GitHub project. This creates a private communication channel between the reporter and the maintainers.
+
+If you are absolutely unable to or have strong reasons not to use GitHub's vulnerability reporting workflow, please reach out to the the team by mailing to firstcontributions@gmail.com