diff --git a/README.md b/README.md index 61b4716626..56051e8f24 100644 --- a/README.md +++ b/README.md @@ -48,6 +48,7 @@ us on [Discord][tournesol-discord-join]. - [Structure of the repository](#structure-of-the-repository) - [Set-up](#set-up) - [Contributing](#contributing) + - [Security](#security) - [Copyright & Licenses](#copyright--licenses) ## Structure of the repository @@ -92,6 +93,10 @@ The code source of the project exists thanks to Thank you very much! +## Security + +To report security vulnerabilities follow our [security policy](./SECURITY.md). + ## Copyright & Licenses The Tournesol project has chosen to distribute its software and its other diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000000..61a8b5f1ee --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,9 @@ +# Tournesol Security Policy + +If you believe you have found a security vulnerability in the Tournesol +software, please let us know right away using the methods described here: + +https://tournesol.app/.well-known/security.txt + +If this URI is unavailable, ask for the new security policy by e-mail at +`security(at)tournesol.app`. diff --git a/frontend/public/.well-known/security.txt b/frontend/public/.well-known/security.txt new file mode 100644 index 0000000000..13d208305b --- /dev/null +++ b/frontend/public/.well-known/security.txt @@ -0,0 +1,8 @@ +# Report security issues and vulnerabilities here: +Contact: mailto:security@tournesol.app + +# If the date has passed please inform us by email. +Expires: 2025-08-01T00:00:00.000Z + +Preferred-Languages: en,fr +Canonical: https://tournesol.app/.well-known/security.txt
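Review bot: in the second README.md hunk, the new `## Security` sentence "To report security vulnerabilities follow our [security policy](./SECURITY.md)." is missing a comma after "vulnerabilities". It could also name the file reporters will land on, for example "To report security vulnerabilities, follow our security policy in SECURITY.md."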
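Review bot: SECURITY.md gives the fallback address as `security(at)tournesol.app`, while the security.txt added in this same patch publishes `mailto:security@tournesol.app` in clear. The obfuscation therefore hides nothing and only makes the address harder to copy. The file also carries no reporting instructions of its own: a reporter who cannot reach https://tournesol.app/.well-known/security.txt has to e-mail to "ask for the new security policy" before reporting. Suggest stating the contact address and accepted languages directly in SECURITY.md and keeping the security.txt URL as the canonical reference.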
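Review bot: in frontend/public/.well-known/security.txt, `Expires: 2025-08-01T00:00:00.000Z` is a hard-coded date and nothing in this patch will renew it. Under RFC 9116 the file's contents are considered stale and should not be used after that date, so the comment "If the date has passed please inform us by email" sends reporters to the very contact that has expired. Suggest adding a CI check or scheduled reminder that fails some weeks before the date, and consider a `Policy:` field linking to SECURITY.md so both documents reference each other. Please also confirm the deployment serves `frontend/public/.well-known/` at the site root as text/plain over HTTPS, so the file is reachable at the URL given in `Canonical`.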