diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000..733897af
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,11 @@
+# Security Policy
+
+## Supported Versions
+
+Please see [Releases](https://github.com/Commit-Boost/commit-boost-client/releases). We recommend using the [most recently released version](https://github.com/Commit-Boost/commit-boost-client/releases/latest).
+
+## Reporting a Vulnerability
+
+Please send vulnerability reports to commit.boost@gmail.com
+
+**Please do not file a public ticket** mentioning the vulnerability, as doing so could increase the likelihood of the vulnerability being used before a fix has been created, released and installed on the network.