diff --git a/.github/SECURITY.md b/.github/SECURITY.md new file mode 100644 index 00000000..fe940193 --- /dev/null +++ b/.github/SECURITY.md @@ -0,0 +1,26 @@ +# Security Policy for CocoIndex + +## Reporting a Vulnerability +If you discover a security vulnerability in CocoIndex, please report it responsibly to our security team: + +**Email:** [support@cocoindex.io](mailto:support@cocoindex.io) + +⚠️ Please do not file GitHub issues for security vulnerabilities as they are public! ⚠️ + +Please provide: +- A detailed description of the vulnerability +- Steps to reproduce the issue +- Any relevant logs, screenshots, or proof-of-concept code + +We will acknowledge your report promptly and work with you to resolve the issue. + +## Scope +This policy covers security issues related to CocoIndex open-source software. + +## Response & Disclosure +- We aim to respond as soon as we can. +- Security fixes will be released as soon as practical after verification. + +--- + +Thank you for helping us keep CocoIndex secure!
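
Review bot: In "Reporting a Vulnerability", the only reporting channel is support@cocoindex.io, which by its name looks like a general support mailbox rather than a restricted security contact, and the section asks reporters to send proof-of-concept code there with no encrypted or access-controlled option. Consider a dedicated security address or GitHub's private vulnerability reporting, and state who receives the reports. In "Response & Disclosure", "as soon as we can" and "promptly" give a reporter nothing to plan around; a concrete acknowledgement window and a sentence on coordinated disclosure (when details become public, whether reporters are credited) would make the policy actionable. "Scope" also does not say which released versions receive security fixes.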