diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..e236e3e
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,5 @@
+# Security Policy
+
+Software security researchers are increasingly engaging with Internet companies to hunt down vulnerabilities. Our bounty program gives a tip of the hat to these researchers and provides great rewards for critical vulnerabilities.
+
+If you’ve found a vulnerability, you can keep in touch or open a pull request, with detailed information about and your full implementation.