diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..132a337
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,4 @@
+# Security Disclosures
+
+To report a security vulnerability, please use the [GitHub private vulnerabilities disclosure](https://github.com/python-hyper/brotlicffi/security/advisories/new) workflow.
+The draft advisory will be used to coordinate the fix and disclosure.