diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..61e43f0 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1,5 @@ +# These owners will be the default owners for everything in the repo. +# Unless a later match takes precedence, they will be requested for review when someone opens a pull request. +# + +* @NorceTech/order-squad diff --git a/.github/SECURITY.md b/.github/SECURITY.md new file mode 100644 index 0000000..3f2c91b --- /dev/null +++ b/.github/SECURITY.md @@ -0,0 +1,39 @@ +# Security Policy + +## Reporting a Vulnerability + +If you discover a security vulnerability in graylog-cli, please report it +privately through **GitHub Security Advisories**: + +1. Navigate to [github.com/NorceTech/graylog-cli/security/advisories](https://github.com/NorceTech/graylog-cli/security/advisories). +2. Click **"Report a vulnerability"**. +3. Fill in the details of the vulnerability. + +**Do not** report security vulnerabilities through public GitHub issues, +discussions, or any other public channel. + +## Response Timeline + +| Stage | Target | +| ------------------ | ---------------- | +| Acknowledge report | Within 48 hours | +| Provide a fix | Within 30 days | + +We will keep you informed of progress throughout the process. + +## Supported Versions + +Only the **latest release** is supported with security updates. Please +ensure you are running the most recent version before reporting. + +You can check your current version with: + +```sh +graylog-cli --version +``` + +And update to the latest release with: + +```sh +graylog-cli upgrade +``` diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 116e571..7c2d374 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml 
@@ -105,6 +105,16 @@ jobs: with: path: dist + - name: Generate SHA256 checksums + run: | + cd dist + sha256sum \ + graylog-cli-linux-x86_64/graylog-cli-linux-x86_64 \ + graylog-cli-macos-aarch64/graylog-cli-macos-aarch64 \ + graylog-cli-windows-x86_64.exe/graylog-cli-windows-x86_64.exe \ + > checksums-sha256.txt + cat checksums-sha256.txt + - name: Create GitHub Release uses: softprops/action-gh-release@v2 with: @@ -113,3 +123,4 @@ jobs: dist/graylog-cli-linux-x86_64/graylog-cli-linux-x86_64 dist/graylog-cli-macos-aarch64/graylog-cli-macos-aarch64 dist/graylog-cli-windows-x86_64.exe/graylog-cli-windows-x86_64.exe + dist/checksums-sha256.txt
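Review bot: in .github/CODEOWNERS, the single rule `* @NorceTech/order-squad` only causes a review request, as the comment itself says ("they will be requested for review"); it does not block a merge on its own. If the intent is that changes, including those under .github/workflows/, cannot land without this team's approval, the branch protection option "Require review from Code Owners" must be enabled on the default branch. The team also needs write access to the repository, otherwise GitHub ignores the entry. Worth stating in the PR description which of these is already in place.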
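Review bot: in .github/SECURITY.md, steps 1 and 2 under "Reporting a Vulnerability" depend on the "Report a vulnerability" button, which only appears when private vulnerability reporting is enabled in the repository settings. Please confirm it is enabled before merging, or a reporter following these steps has no private channel and the "Do not report ... through public GitHub issues" instruction leaves them stuck. Two smaller points: a fallback contact for reporters who cannot use GitHub advisories would help, and the "Supported Versions" section tells users to run `graylog-cli upgrade` but does not mention the `checksums-sha256.txt` file this same patch adds to releases, so a line on how to verify a downloaded binary would fit there.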
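Review bot: in the "Generate SHA256 checksums" step of .github/workflows/release.yml (hunk at -105,6 +105,16), `sha256sum` is run from `dist` with directory-prefixed arguments, so each line of `checksums-sha256.txt` records a path such as `graylog-cli-linux-x86_64/graylog-cli-linux-x86_64`. The release step lists the three binaries and the checksum file individually under `dist/...`, so they are published as separate assets named by basename. A user who downloads a binary plus `checksums-sha256.txt` into one directory and runs `sha256sum -c checksums-sha256.txt` will get "No such file or directory" for every entry. Suggest hashing from inside each artifact directory, or copying the three binaries into one flat directory first, so the recorded names match the published asset names. Also note that a checksum file published in the same release as the binaries only detects corrupted or truncated downloads; it gives no assurance if the release itself is tampered with, so if authenticity is the goal a signature or build provenance attestation should be added separately.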
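Review bot: in the "Create GitHub Release" step of .github/workflows/release.yml (hunk at -113,3 +123,4), the new `dist/checksums-sha256.txt` entry is uploaded alongside the binaries, but nothing visible here makes the release fail if that file or one of the binaries is missing. If it is not already set in the part of the `with:` block outside this hunk, consider `fail_on_unmatched_files: true` so a release cannot be published with binaries and no checksums. The step also references `softprops/action-gh-release@v2` by a mutable tag; since this job publishes the artifacts users are told to trust, pinning the action to a full commit SHA would be consistent with the purpose of this change.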