diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000000..24894d5e9a
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,13 @@
+# Security Policy
+
+The purpose of NEO vulnerability bounty program is to be proactive about blockchain security by providing a channel for security researchers to report potential security vulnerabilities identified related to our underlying infrastructure.
+
+First, it is recommended to read the following page https://neo.org/dev/bounty, if you find a security vulnerability in NEO, please report it as indicated on that page.
+
+Please withhold public disclosure until the security team has addressed the vulnerability and it has been solved.
+
+We appreciate your efforts to responsibly disclose your findings, and we will make every effort to acknowledge your contributions.
+
+The security team will acknowledge your email within 5 business days. You will receive a more detailed response within 10 business days.
+
+When in doubt, please do send us a report.