diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 000000000..11f6cef83
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,20 @@
+# Security Policy
+
+## Supported Versions
+
+| Version             | Supported          |
+| ------------------- | ------------------ |
+| main branch         | :white_check_mark: |
+| most recent release | :white_check_mark: |
+| older releases      | :x:                |
+
+## Reporting a Vulnerability
+
+We ask that you do not report security issues to our normal GitHub issue tracker.
+
+If you believe you've identified a security issue with mitmproxy,
+please report it to [@mhils](https://github.com/mhils), [@Kriechi](https://github.com/Kriechi), and/or [@cortesi](https://github.com/cortesi) 
+via the email addresses listed on their GitHub profiles.
+
+Once you've submitted an issue via email, 
+you should receive an acknowledgment within 48 hours, and depending on the action to be taken, you may receive further follow-up emails.