diff --git a/SECURITY.md b/SECURITY.md
new file mode 120000
index 00000000000..64e8a6aadbc
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1 @@
+docs/docs/community/security.md
\ No newline at end of file
diff --git a/docs/docs/community/security.md b/docs/docs/community/security.md
index a6521843598..9c4cd4ac9cd 100644
--- a/docs/docs/community/security.md
+++ b/docs/docs/community/security.md
@@ -123,7 +123,7 @@ This process can take some time. Every effort will be made to handle the bug in
 
 ## Reporting a Security Bug
 
-If you believe you've found a security vulnerability in Pomerium, please notify us; we will work with you to resolve the issue promptly. Thank you for helping to keep Pomerium and our users safe! We deeply appreciate any effort to discover and disclose security vulnerabilities responsibly.
+If you believe you've found a security vulnerability in Pomerium, please notify us; we will work with you to resolve the issue promptly. Thank you for helping to keep Pomerium and our users safe! Though at this time we do not have a paid bug bounty program, we deeply appreciate any effort to discover and disclose security vulnerabilities responsibly.
 
 All security bugs in Pomerium should be reported by email to security@pomerium.com . Your email will be acknowledged within 48 hours, and you'll receive a more detailed response to your email within 72 hours indicating the next steps in handling your report.