diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000000000000000000000000000000000000..dcbfd3e6f0b57543299e5c309c2116e6c6e275b5
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,27 @@
+# Security Policy
+
+We take security issues very seriously, and will always attempt to address any 
+vulnerabilities as quickly as possible. 
+
+## Supported Versions
+
+We try to make a reasonable effort to support older versions of Snipe-IT, 
+however there are times when library dependencies and/or PHP/MySQL dependencies 
+make it impossible to backport security fixes on older versions. 
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 5.1.x   | :white_check_mark: |
+| 5.0.x   | :x:                |
+| 4.0.x   | :white_check_mark: |
+| < 4.0   | :x:                |
+
+## Reporting a Vulnerability
+
+Security vulnerabilities should be sent to security@snipeitapp.com. You can typically expect a 
+response within two business days, and we typically have fixes out in under a week from the initial disclosure.
+
+This obviously varies based on the severity of the  security issue and the difficulty in remediation, 
+but those have historically been the timelines we worm around.
+
+For a full breakdown of our security policies, please see https://snipeitapp.com/security.