diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..550f904
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,13 @@
+# Security Policy
+
+## Supported Versions
+
+Security updates will always only be applied to the latest version of Watchtower.
+As the software by default is set to auto-update if you use the `latest` tag, you will get these security updates automatically as soon as they are released.
+
+## Reporting a Vulnerability
+
+Critical vulnerabilities that might open up for external attacks are best reported directly either to simme@arcticbit.se or nils@piksel.se.
+We'll always try to get back to you as swiftly as possible, but keep in mind that since this is a community project, we can't really leave any guarantees about the speed.
+
+Non-critical vulnerabilities may be reported as regular GitHub issues.