diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 00000000..8182bf40 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,27 @@ +# Security Policy + +## Reporting a Vulnerability +If you discover any security vulnerabilities in the `es-hangul` package, please report them immediately. We take security seriously and will address all legitimate reports in a timely manner. + +### How to Report +To report a vulnerability, please email us at [chanhyuk.park@toss.im]. Provide as much detail as possible about the vulnerability, including: + +* The nature of the vulnerability +* Steps to reproduce the issue +* Any potential risks or impacts on users +* Your contact information for further clarification + +### Response Process +1) We will acknowledge receipt of your report within 48 hours and begin investigating the issue. +2) After validating the report, we will work to fix the vulnerability and release an update as soon as possible. +3) You will be informed of the resolution once the fix is deployed and may be credited in the release notes if desired. +4) Security patches will be communicated through GitHub releases and other relevant channels. + +## Security Best Practices +We recommend following these best practices to help maintain the security of your application when using `es-hangul`: + +* Always use the latest version of es-hangul. +* Regularly update your dependencies to include the latest security fixes. +* Review and monitor your own usage for potential security issues. + +If you have any questions or need further information, please don't hesitate to contact us.
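Review bot: In "How to Report", the only reporting channel is a single personal mailbox written as `[chanhyuk.park@toss.im]`. The square brackets have no link target, so they render literally, and the 48-hour acknowledgement promised under "Response Process" depends on one person being reachable. Suggest writing the address as a plain address or a mailto link, and adding a shared alias or GitHub private vulnerability reporting as a second channel. The same section never asks reporters to keep details out of public issues and pull requests until a fix is released, and the list of details to provide omits the affected `es-hangul` version; both are worth adding. Minor: "Response Process" numbers its steps as `1)` while the other lists use `*`; `1.` is the more widely supported ordered-list form in Markdown.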