diff --git a/README.md b/README.md
index 26f23b8..6a36ff2 100644
--- a/README.md
+++ b/README.md
@@ -26,7 +26,7 @@ _cryptgeon_ is a secure, open source sharing note or file service inspired by [_
 
 ## Demo
 
-Check out the demo and see for yourself https://cryptgeon.nicco.io.
+Check out the demo and see for yourself [cryptgeon.org](https://cryptgeon.org)
 
 ## Features
 
@@ -155,6 +155,10 @@ pnpm run test:server
 pnpm run test:local
 ```
 
+## Security
+
+Please refer to the security section [here](./SECURITY.md).
+
 ###### Attributions
 
 - Test data:
diff --git a/README_zh-CN.md b/README_zh-CN.md
index f7d1ecb..df0b13d 100644
--- a/README_zh-CN.md
+++ b/README_zh-CN.md
@@ -26,7 +26,7 @@ _加密鸽_ 是一个受 [_PrivNote_](https://privnote.com)项目启发的安全
 
 ## 演示示例
 
-查看加密鸽的在线演示 demo： https://cryptgeon.nicco.io.
+查看加密鸽的在线演示 demo： [cryptgeon.org](https://cryptgeon.org)
 
 ## 功能
 
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..703f870
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,18 @@
+# Security Policy
+
+## Supported Versions
+
+Please ensure that you are using the latest major version available.
+
+| Version | Supported |
+| ------- | --------- |
+| 2.x     | ✅        |
+| < 1.x   | ❌        |
+
+## Reporting a vulnerability
+
+_cryptgeon_ has a full disclosure vulnerability policy.
+Report any bug / vulnerability directly to the [issue tracker](https://github.com/cupcakearmy/cryptgeon/issues).
+Please do NOT attempt to report any security vulnerability in this code privately to anybody.
+
+> Shamefully copied of the [ring security section](https://github.com/briansmith/ring#bug-reporting).