diff --git a/SECURITY.md b/SECURITY.md index 8798c66f57..77896640b3 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -2,4 +2,30 @@ ## Reporting a Vulnerability -Please report security issues to `support@penpot.app` \ No newline at end of file +We take the security of this project seriously. If you have discovered +a security vulnerability, please do **not** open a public issue. + +Please report vulnerabilities via email to: **[support@penpot.app]** + + +### What to include: + +* A brief description of the vulnerability. +* Steps to reproduce the issue. +* Potential impact if exploited. + +We appreciate your patience and your commitment to **responsible disclosure**. + +--- + +## Security Contributors + +We are incredibly grateful to the following individuals and +organizations for their help in keeping this project safe. + +* **Ali Maharramli** – for identifying critical path traversal vulnerability + + +> **Note:** This list is a work in progress. If you have contributed +> to the security of this project and would like to be recognized (or +> prefer to remain anonymous), please let us know.
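Review bot: In the added line "Please report vulnerabilities via email to: **[support@penpot.app]**", the address is wrapped in square brackets with no link target, so Markdown renders it with literal brackets and it is not clickable or cleanly copyable. Use `<support@penpot.app>` or `[support@penpot.app](mailto:support@penpot.app)` instead, as the removed line at least gave the bare address in backticks. The same section thanks reporters for their "patience" but states no acknowledgement or response window, so consider adding the timeframe within which a reporter can expect a reply. In the Security Contributors entry, "for identifying critical path traversal vulnerability" is missing an article ("a critical path traversal vulnerability"), and a link to the corresponding advisory or fix, if one is published, would let readers tie the credit to a specific issue. The hunk also adds doubled blank lines after the email line and after the contributor entry, which can be collapsed to one.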