diff --git a/.eleventyignore b/.eleventyignore
index 4a8317e5..7cf14d24 100644
--- a/.eleventyignore
+++ b/.eleventyignore
@@ -1,6 +1,7 @@
 CONTRIBUTING.md
 LICENSE.md
 README.md
+SECURITY.md
 .github
 config
 docs
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000..8eece577
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,7 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+If you find a security vulnerability, please use the [GitHub private security vulnerability reporting](https://github.com/18F/18f.gsa.gov/security/advisories/new) to alert us.
+
+Repository administrators will be notified when you submit an issue, and may or may not follow-up with the reporter.