diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..0cf21a4
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,18 @@
+# Security Policy
+
+## Supported Versions
+
+The latest version in the most recent commit of the `main` branch.
+
+## Reporting a vulnerability
+Please send an email to mail@ccfontes.com. We take all reports seriously and will investigate each issue reported to us.
+
+## What to expect after reporting a vulnerability 
+
+**Acknowledgment:** You can expect to receive an acknowledgment of your report within 48 hours.
+
+**Updates:** We aim to assess and fix vulnerabilities within 48 hours of report receipt. Regular updates will be provided regarding our progress.
+
+**Disclosure:** Once the issue has been resolved, a public announcement will be made, crediting those who have responsibly disclosed vulnerabilities, unless anonymity is requested.
+
+**Response:** In the event a reported vulnerability is not accepted, an explanation will be provided.