diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000..aaa878f4
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,14 @@
+# Security Policy
+
+## Supported Versions
+
+We generally only support the latest major release,
+although critical bug fixes can be released for older versions.
+
+## Reporting a Vulnerability
+
+To report a security issue, please email <executablebooks@gmail.com> with a description of the issue,
+the steps you took to create the issue, affected versions, and, if known, mitigations for the issue.
+Our team will respond within 3 working days of your email.
+If the issue is confirmed as a vulnerability, we will open a Security Advisory.
+This project follows a 90 day disclosure timeline.