diff --git a/.github/SECURITY.md b/.github/SECURITY.md
new file mode 100644
index 000000000..cc5faeac8
--- /dev/null
+++ b/.github/SECURITY.md
@@ -0,0 +1,5 @@
+# Reporting a Vulnerability
+
+**PLEASE DON'T DISCLOSE SECURITY-RELATED ISSUES PUBLICLY.**
+
+If you discover any security related issues, please email hello@laravel.io instead of using the issue tracker.
diff --git a/README.md b/README.md
index 3d99a8fbe..c3ff8a847 100644
--- a/README.md
+++ b/README.md
@@ -127,7 +127,7 @@ Please read our [Code of Conduct](CODE_OF_CONDUCT.md) before contributing or eng
 
 ## Security Vulnerabilities
 
-If you discover a security vulnerability within Laravel.io, please send an email immediately to [security@laravel.io](mailto:security@laravel.io). **Do not create an issue for the vulnerability.**
+Please review [our security policy](.github/SECURITY.md) on how to report security vulnerabilities.
 
 ## License