diff --git a/.github/wordlist.txt b/.github/wordlist.txt index 7035f7ea..2b4b87de 100644 --- a/.github/wordlist.txt +++ b/.github/wordlist.txt @@ -158,3 +158,4 @@ valkey valkeymodules virtualenv www +md diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 0a82b3b4..939b3da1 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -180,22 +180,10 @@ Please try at least versions of Docker. ## How to Report a Bug -### Security Vulnerabilities - -**NOTE**: If you find a security vulnerability, do NOT open an issue. -Email [Salvatore Mesoraca ()](mailto:salvatore.mesoraca@aiven.io) instead. -In order to determine whether you are dealing with a security issue, ask -yourself these two questions: - -- Can I access something that's not mine, or something I shouldn't - have access to? -- Can I disable something for other people? +### Security Vulnerabilities -If the answer to either of those two questions are *yes*, then you're -probably dealing with a security issue. Note that even if you answer -*no* to both questions, you may still be dealing with a security -issue, so if you're unsure, just email [us](mailto:salvatore.mesoraca@aiven.io). +Reporting a vulnerability? See [SECURITY.md](https://github.com/valkey-io/valkey-py/blob/main/SECURITY.md). ### Everything Else diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 00000000..c3b18382 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,7 @@ +## Reporting a Vulnerability + +If you believe you've discovered a security vulnerability, please contact the Valkey team at security@lists.valkey.io. +Please *DO NOT* create an issue. +We follow a responsible disclosure procedure, so depending on the severity of the issue we may notify Valkey vendors about the issue before releasing it publicly. +If you would like to be added to our list of vendors, please reach out to the Valkey team at maintainers@lists.valkey.io. +
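Review bot: in the `.github/wordlist.txt` hunk, `md` is appended after `www`, while the visible context entries (`valkey`, `valkeymodules`, `virtualenv`, `www`) are in alphabetical order. Insert `md` at its sorted position so the list stays easy to scan and later additions do not produce avoidable merge conflicts at the end of the file.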
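Review bot: the `CONTRIBUTING.md` hunk deletes the two self-triage questions ("Can I access something that's not mine, or something I shouldn't have access to?" and "Can I disable something for other people?"), and the new `SECURITY.md` does not carry them over, so contributors lose the only guidance on deciding whether a bug belongs in the private channel. Consider moving those questions into `SECURITY.md` rather than dropping them. The replacement link is an absolute URL pinned to `main`; a relative link, `[SECURITY.md](SECURITY.md)`, would also resolve on forks and on other branches. The `### Security Vulnerabilities` heading is removed and re-added with no visible difference, which suggests a whitespace-only change; confirm it is intended.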
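Review bot: the new `SECURITY.md` names the reporting address but does not say what a report should contain or when the reporter can expect an acknowledgement. A short list (affected version, reproduction steps, observed impact) and a stated response window would cut down on back-and-forth over a private channel. "Please *DO NOT* create an issue" would be clearer as "do not open a public GitHub issue", and in "before releasing it publicly" it is ambiguous whether "it" means the vulnerability details or the fix. The file also ends with an empty added line that can be dropped.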