diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000000..cfe3872853
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,16 @@
+# Security Policy
+
+## Supported Versions
+
+By default, the most recent release of Dolt is the version which is
+supported for all security updates. If you need ongoing security
+support for an older version of Dolt, please [contact us](https://www.dolthub.com/contact).
+
+## Reporting a Vulnerability
+
+Any security issues with Dolt can be reported to [security@dolthub.com](security@dolthub.com).
+
+Reports will be responded to within one business day. The majority of
+our team operates on Pacific Time and on a US holiday schedule.
+
+DoltHub does not currently run a security bounty program for Dolt.