diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000..9af6cd53
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,16 @@
+# Security Policy
+
+## Supported Versions
+
+| Version | Supported          |
+| ------- | ------------------ |
+| >= 3.2  | :white_check_mark: |
+| < 3.2   | :x:                |
+
+## Reporting a Vulnerability
+
+You should report any vulnerabilities privately to [Cito](https://github.com/Cito) as the current maintainer of this repository, but note that he is working on the project voluntary in his spare time, so please be patient with him.
+
+Please do not use the public Issue tracker of this repository to disclose security related issues.
+
+Also, please keep in mind that this repository is actually a port of the [GraphQL.js](https://github.com/graphql/graphql-js). Issues that also affect upstream should be also reported there.