diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..5c93eb2
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,5 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+Please report any suspected security issues to `team@httparchive.org`. We currently to not participate in a bug bounty programme.