diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000..2d5ae3cb
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,34 @@
+# Security Policy
+
+## Security Bulletins
+
+See current security bullentins on GitHub: https://github.com/in-toto/go-witness/security/advisories
+
+For information regarding the security of this project please join:
+
+* in-toto-witness on CNCF Slack
+
+## Reporting a Vulnerability
+
+Please use the below process to report a vulnerability to the project:
+
+Web Form:
+
+1. Please visit https://github.com/in-toto/go-witness/security/advisories/new
+   * You will receive a confirmation email upon submission
+1. You may be contacted by a maintainer to further discuss the reported item
+   within 3 days. Please bear with us as we seek to understand the breadth
+   and scope of the reported problem, recreate it, and confirm if there is an
+   vulnerability present.
+
+This project follows a 30 day disclosure timeline.
+
+## Supported Versions
+
+Information regarding supported versions of this project can be found on
+in the below table:
+
+| Version | Supported |
+| --- | --- |
+| Latest | :white_check_mark: |
+| <= Latest - 2 | :x: |