diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..a1dd5f4
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,23 @@
+# Security Policy
+
+## Supported Versions
+
+The latest main branch of Mercury will always be up-to-date with the latest security patches.
+Security updates will not be backwards implemented for older major versions of Mercury than the current one.
+
+e.g. if 2.x.x is the current main branch, then 1.x.x will no longer be supported with security patches but 2.x.x will be.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 1.0.0   | :white_check_mark: |
+| 0.x.x   | :x:                |
+
+## Automated fixes
+
+When a new golang release is published, a new version of Mercury will be automaticly generated.
+As such any issues found in golang will be fixed automaticly arround 10:00 UTC
+
+## Reporting a Vulnerability
+
+Should you find a security vulnerability please mail to rdoorn at schubergphilis dot com
+The issue will be addresse with due process, depending on the urgency at hand.