diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 000000000..187165ceb
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,32 @@
+# Hyprland Development Security Policy
+
+If you have a bug that affects the security of your system, you may
+want to privately disclose it instead of making it immediately public.
+
+## Supported versions
+
+_Only_ the most recent release on Github is supported. There are no LTS releases.
+
+## What is not a security issue
+
+Some examples of issues that should not be reported as security issues:
+
+- An app can execute a command when ran outside of a sandbox
+- An app can write / read hyprland sockets when ran outside of a sandbox
+- Crashes
+- Things that are protected via permissions when the permission system is disabled
+
+## What is a security issue
+
+Some examples of issues that should be reported as security issues:
+
+- Sandboxed application executing arbitrary code via Hyprland
+- Application being able to modify Hyprland's code on the fly
+- Application being able to keylog / track user's activity beyond what the wayland protocols allow
+
+## How to report security issues
+
+Please report your security issues via either of these channels:
+- Mail: `vaxry [at] vaxry [dot] net`
+- Matrix: `@vaxry:matrix.vaxry.net`
+- Discord: `@vaxry`