diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 00000000..e6279e61 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,20 @@ +Security +Reporting Security Issues +If you've found a security issue in HDE, you can submit your report to hope-security[@]unicef.org via email. + +Please include as much information as possible in your report to better help us understand and resolve the issue: + +Where the security issue exists (ie. HDE Core, API subsystem, etc.) +The type of issue (ex. SQL injection, cross-site scripting, missing authorization, etc.) +Full paths or links to the source files where the security issue exists, if possible +Any special configuration required to reproduce the issue +Step-by-step instructions to reproduce the issue +Proof of concept or exploit code, if available + +If you need to encrypt sensitive information sent to us, please use our [PGP key](https://keys.openpgp.org/vks/v1/by-fingerprint/F72BF087F3A94FE4A305CE449061F6AC06E40F32): + + +F72B F087 F3A9 4FE4 A305 CE44 9061 F6AC 06E4 0F32 + + +hkps://keys.openpgp.org
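Review bot: The last two added lines, the bare fingerprint `F72B F087 F3A9 4FE4 A305 CE44 9061 F6AC 06E4 0F32` and `hkps://keys.openpgp.org`, carry no label, so a reporter cannot tell that the first is the value to compare the downloaded key against and the second is the keyserver to fetch it from. Suggest prefixing them with "Fingerprint:" and "Keyserver:" and adding one sentence asking reporters to check the fingerprint before encrypting; the fingerprint does match the one embedded in the PGP key link. Two smaller points: the address is written as `hope-security[@]unicef.org`, so either say that `[@]` stands for `@` or use a mailto link, since a copy-pasted address will bounce; and the file lists what a report should contain but says nothing about what the reporter can expect afterwards (acknowledgement, disclosure timing), which deserves a short paragraph.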