diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000000..7d9c77d275
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,8 @@
+# Security Policy
+
+## Reporting a vulnerability
+
+If you want to report a security issue, please use [huntr.dev](https://huntr.dev/bounties/disclose?target=https%3A%2F%2Fgithub.com%2Fvim%2Fvim) to privately disclose the issue to us.
+They also have rewards in the form of money, swag and CVEs.
+
+**Please don't publicly disclose the issue until it has been addressed by us.**