diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..bdc99f8
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,20 @@
+# Security Policy
+
+## Supported Versions
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 3.x     | :white_check_mark: |
+| < 3.0   | :x:                |
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability in this project, **please do not report it via public GitHub issues**.
+
+Instead, please email [security@zumba.com](mailto:security@zumba.com) with:
+
+- A description of the vulnerability
+- Steps to reproduce the issue
+- Potential impact of the vulnerability
+
+We will acknowledge receipt within 3 business days and will keep you informed of the progress toward a fix. Once the issue has been resolved, we will notify you before any public disclosure.