diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..9a81b29
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,16 @@
+# Security Policy
+
+## Supported Versions
+
+| Version | Supported          |
+| ------- | ------------------ |
+| latest  | :white_check_mark: |
+
+## Reporting a Vulnerability
+
+If you believe you have found a vulnerability please report it responsibly. IBM has documented the process for reporting vulnerabilities at https://www.ibm.com/trust/security-psirt.
+
+## Vulnerabilities in dependencies
+
+This repo is regularly scanned for known CVEs in dependencies and updates to versions with remediations are applied and released as soon as possible.
+Reporting known CVEs in dependencies in this repository is not necessary and will not lead to a faster resolution.