diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000..453b9a77
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,9 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+Security vulnerabilities for `ldk-server` are handled under the same policy as
+`rust-lightning`(LDK), on which this library is built.
+
+Please refer to the [rust-lightning's SECURITY.md](https://github.com/lightningdevkit/rust-lightning/blob/main/SECURITY.md)
+for instructions on how to responsibly disclose vulnerabilities.
\ No newline at end of file