diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000000..dffa96a4e08a --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,22 @@ +# Security Policy + +## Supported Versions + +Following versions are supported and maintained: + +| Version | Supported | +|-----------|--------------------| +| v1.31.x | :white_check_mark: | +| v1.30.x | :white_check_mark: | +| v1.29.x | :white_check_mark: | +| < v1.29.x | :x: | + +## Reporting a Vulnerability + +k0s supports responsible disclosure and endeavors to resolve security issues in a reasonable timeframe. + +To report a security vulnerability, you can use Github [private security reporting] feature under the [Security tab]. +That allows the reporter and maintainers to coordinate the disclosure and the fix before public disclosure. + +[Security tab]: https://github.com/k0sproject/k0s/security +[private security reporting]: https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability
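Review bot: The Supported Versions table hardcodes three minor lines (v1.31.x, v1.30.x, v1.29.x) without stating the rule that selects them, so it will be out of date at the next minor release. Add a sentence above the table that states the support policy, so a reader can tell whether the table is current. In the same section, `< v1.29.x` would read more clearly as `< v1.29`, and "Following versions are supported" should be "The following versions are supported". Under Reporting a Vulnerability, "Github" should be "GitHub". The only channel given there is GitHub private security reporting, and "a reasonable timeframe" gives a reporter nothing to plan around: consider stating when a report can expect an acknowledgement and naming a fallback contact for reporters who cannot use that feature.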