diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000..9e5f070f
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,16 @@
+# Security Policy
+
+## Supported Versions
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 4.x   | :white_check_mark: |
+| 3.x   | :white_check_mark: |
+| < 3.0   | :x:                |
+
+__Critical vulnerabilities will be ported as far back as possible.__
+
+## Reporting a Vulnerability
+
+Report a security vulnerability directly to the maintainers by sending an email to security@autovance.com 
+or by reporting a vulnerability to the [NPM and Github security teams](https://docs.npmjs.com/reporting-a-vulnerability-in-an-npm-package).