diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 000000000..73b27deb9
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,11 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+Please report security vulnerabilities, including denial-of-service
+vulnerabilities such as spurious panics, via email to
+security@10101.finance.
+
+If possible, please PGP-encrypt such emails to the following keys. Please include
+your own public key as an attachment or inline for replies.
+Our PGP-key can be found here: https://keys.openpgp.org/search?q=7ae87ec2cc525a8db0c407832efb0afbbd1093d6