diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000..14a54815
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,11 @@
+# Security Policy
+
+## Supported Versions
+
+We will only maintain one branch which is the master branch. Unless otherwise requested, no security patches will be applied to older Major/Minor versions. 
+
+## Reporting a Vulnerability
+
+For a vulnerability of low to no severity, which causing no threats to security, you may report it openly to us by [opening an issue](https://github.com/refraction-networking/utls/issues/new)
+
+If the vulnerability you are reporting inflicts some security impact, please [do so privately](https://github.com/refraction-networking/utls/security/advisories/new).