diff --git a/.github/SECURITY.md b/.github/SECURITY.md new file mode 100644 index 000000000..a8123c595 --- /dev/null +++ b/.github/SECURITY.md @@ -0,0 +1,15 @@ +# Reporting Security Issues + +We take security bugs in Edirom Online seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions. + +## Reporting a Vulnerability + +To report a security issue, please use the GitHub Security Advisory ["Report a Vulnerability"](https://github.com/Edirom/Edirom-Online/security/advisories/new) tab. + +We will send a response indicating the next steps in handling your report. After the initial reply to your report, we will keep you informed of the progress towards a fix and full announcement, and may ask for additional information or guidance. + +Report security bugs in third-party modules to the person or team maintaining the module. + +## Supported Versions + +Security updates can be provided for the [latest software release](https://github.com/Edirom/Edirom-Online/releases/latest). diff --git a/README.md b/README.md index 7237f9571..4486e12b3 100644 --- a/README.md +++ b/README.md @@ -109,7 +109,9 @@ See the [Edirom-Online milestones] for more details. ## Contributing -After all this information, you decided to conribute to Edirom-Online, that is awesome! We prepared a [CONTRIBUTING] file to help start your Edirom-Aventure now. +After all this information, you decided to contribute to Edirom-Online, that is awesome! We prepared a [CONTRIBUTING] file to help start your Edirom-Aventure now. + +If you encounter a security issue in the code, please see the [Security Policy](.github/SECURITY.md) for further guidance. ## Get in touch
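Review bot: In the "Reporting a Vulnerability" section of the new .github/SECURITY.md, the line "We will send a response indicating the next steps in handling your report." gives no expected time frame. The section also names the GitHub advisory form as the only channel without asking reporters to keep security bugs out of public issues and pull requests. Suggest stating an acknowledgement window the maintainers can commit to, adding that explicit request, and giving a fallback contact for reporters who cannot use the advisory form. Under "Supported Versions", "Security updates can be provided for the latest software release" leaves open whether older releases ever receive fixes; saying outright that only the latest release is supported would remove the ambiguity.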
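Review bot: In the README.md hunk (@@ -109,7 +109,9 @@), the rewritten line fixes "conribute" but still carries "Edirom-Aventure", which looks like a typo for "Edirom-Adventure" and could be corrected in the same change. The added sentence uses an inline link, "[Security Policy](.github/SECURITY.md)", while the line above it uses the reference-style "[CONTRIBUTING]"; a reference-style link would keep the file consistent. The sentence could also say that security issues should be reported privately rather than through a public issue, so readers who never open the policy still get that point.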