diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..69de337
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,18 @@
+# Security
+
+## Report a security issue
+
+The World project team welcomes security reports and is committed to providing prompt attention to security issues. Security issues should be reported privately via [security@toolsforhumanity.com](mailto:security@toolsforhumanity.com). Security issues should not be reported via the public Github Issue tracker.
+
+## Vulnerability coordination
+
+Remediation of security vulnerabilities is prioritized by the project team. The project team coordinates remediation with third-party project stakeholders via [Github Security Advisories](https://help.github.com/en/github/managing-security-vulnerabilities/about-github-security-advisories). Third-party stakeholders may include the reporter of the issue, affected direct or indirect users of World, and maintainers of upstream dependencies if applicable.
+
+Downstream project maintainers and World users can request participation in coordination of applicable security issues by sending your contact email address, Github username(s) and any other salient information to [security@toolsforhumanity.com](mailto:security@toolsforhumanity.com). Participation in security issue coordination processes is at the discretion of the World team.
+
+## Security advisories
+
+The project team is committed to transparency in the security issue disclosure process. The World team announces security issues via [project Github Release notes](https://github.com/worldcoin/world-chain/releases) and the [RustSec advisory database](https://github.com/RustSec/advisory-db) (i.e. `cargo-audit`).
+
+
+<!-- Based on https://github.com/tokio-rs/tokio/blob/tokio-1.13.0/SECURITY.md -->
\ No newline at end of file