diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 000000000000..3b6555154f26
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,5 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability regarding Nuxt, please send an e-mail to the team via security@nuxtjs.org! All security vulnerabilities will be promptly addressed. Please check [nuxt/nuxt.js#9284](https://github.com/nuxt/nuxt.js/issues/9284) regarding potentially false positive reports from npm and github audit.