diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..dc033cf
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,8 @@
+Reporting Security Issues
+=========================
+
+If you would like to report a public issue (for example, one with a released CVE number), please report it using the [opkg bugzilla tracker](https://bugzilla.yoctoproject.org/buglist.cgi?quicksearch=Product%3Aopkg).
+
+If you have a patch ready, submit it following the same procedure as any other patch as described in [CONTRIBUTING](https://git.yoctoproject.org/opkg-utils/tree/CONTRIBUTING).
+
+If you are reporting an unreleased or urgent issue, please send an email directly to the project maintainer: <alex.stewart@ni.com>. Be sure to include all the details you can about reproducing or exploiting the issue.
\ No newline at end of file