diff --git a/gulpfile.js b/gulpfile.js
index 15be24403..9b3aa2ddc 100644
--- a/gulpfile.js
+++ b/gulpfile.js
@@ -189,7 +189,7 @@ task("sass", function () {
 });
 
 task("static", function () {
-  return src("./static/**/*").pipe(dest("./dist/"));
+  return src("./static/**/*", { dot: true }).pipe(dest("./dist/"));
 });
 
 //copies refactored js files to dist/gen so that they can be required by dist/gen/index.js
diff --git a/static/.well-known/security.txt b/static/.well-known/security.txt
new file mode 100644
index 000000000..6b5246f3d
--- /dev/null
+++ b/static/.well-known/security.txt
@@ -0,0 +1,6 @@
+Contact: mailto:jack@monkeytype.com
+Contact: message @Miodec on discord.gg/monkeytype
+Expires: 2022-06-03T21:00:00.000Z
+Preferred-Languages: en
+Canonical: https://monkeytype.com/.well-known/security.txt
+Policy: https://monkeytype.com/security-policy
diff --git a/static/index.html b/static/index.html
index bbc0b6900..c114ba8f0 100644
--- a/static/index.html
+++ b/static/index.html
@@ -4266,6 +4266,10 @@
                 <i class="fas fa-fw fa-donate"></i>
                 <span id="supportMeButton">Donate</span>
               </div>
+              <div>
+                <i class="fas fa-bug"></i>
+                <a href="security-policy.html" target="_blank">Security</a>
+              </div>
               <div>
                 <i class="fas fa-user-shield"></i>
                 <a href="privacy-policy.html" target="_blank">Privacy Policy</a>
diff --git a/static/security-policy.html b/static/security-policy.html
new file mode 100644
index 000000000..e955b8319
--- /dev/null
+++ b/static/security-policy.html
@@ -0,0 +1,135 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <title>Monkeytype</title>
+    <!-- <link rel="stylesheet" href="css/fa.css" /> -->
+    <link rel="stylesheet" href="css/balloon.css" />
+    <link rel="stylesheet" href="css/style.css" />
+    <link rel="stylesheet" href="themes/serika_dark.css" id="currentTheme" />
+    <link rel="stylesheet" href="" id="funBoxTheme" />
+    <link id="favicon" rel="shortcut icon" href="images/fav.png" />
+    <link rel="shortcut icon" href="images/fav.png" />
+    <meta name="name" content="Monkeytype" />
+    <meta name="image" content="https://monkeytype.com/mtsocial.png" />
+    <meta
+      name="description"
+      content="A minimalistic, customisable typing website. Test yourself in various modes, track your progress and improve your typing speed."
+    />
+    <meta
+      name="keywords"
+      content="typing, test, typing-test, typing test, monkey-type, monkeytype, monkey type, monkey-types, monkeytypes, monkey types, types, monkey, type, miodec, wpm, words per minute, typing website, minimalistic, custom typing test, customizable, customisable, themes, random words, smooth caret, smooth, new, new typing site, new typing website, minimalist typing website, minimalistic typing website, minimalist typing test"
+    />
+    <meta name="author" content="Miodec" />
+    <meta property="og:title" content="Monkeytype" />
+    <meta property="og:url" content="https://monkeytype.com/" />
+    <meta property="og:type" content="website" />
+    <meta
+      property="og:description"
+      content="A minimalistic, customisable typing website. Test yourself in various modes, track your progress and improve your typing speed."
+    />
+    <meta property="og:image" content="https://monkeytype.com/mtsocial.png" />
+    <meta name="theme-color" content="#e2b714" id="metaThemeColor" />
+    <meta name="twitter:title" content="Monkeytype" />
+    <meta name="twitter:image" content="https://monkeytype.com/mtsocial.png" />
+    <meta name="twitter:card" content="summary_large_image" />
+    <style>
+      #top {
+        font-size: 2.5rem;
+      }
+
+      #middle {
+        color: var(--text-color);
+      }
+
+      h1 {
+        font-weight: unset;
+        color: var(--main-color);
+        font-size: 2rem;
+        margin-top: 3rem;
+      }
+
+      body {
+        justify-content: center;
+        display: flex;
+      }
+    </style>
+    <script defer>
+      // TODO: Add notification that appears when username copy is successful from notifications module
+      function copyUserName() {
+        if (true) {
+          navigator.clipboard.writeText("Miodec#1512");
+          alert("Copied To Clipboard!");
+        } else {
+          alert("Unable to copy username");
+        }
+      }
+    </script>
+  </head>
+
+  <body>
+    <div id="centerContent">
+      <div id="top">
+        <div class="logo">
+          <div class="top">monkey see</div>
+          <div class="bottom">
+            <a href="/ " style="text-decoration: none; color: inherit">
+              monkeytype
+            </a>
+            <span style="color: var(--text-color)">Security Policy</span>
+          </div>
+        </div>
+      </div>
+      <div id="middle">
+        <p>
+          Monkeytype takes the security of its platform seriously. If you are a
+          security researcher and have found a vulnerability, we would like to
+          work with you to remediate the issue.
+        </p>
+        <p>Table of Contents</p>
+        <!-- The last three internal links are redunant but give more context to the user when viewing the table of contents -->
+        <ul>
+          <li>
+            <a href="#Vulnerability_Disclosure">
+              How to Disclose a Vulnearbility
+            </a>
+          </li>
+          <li><a href="#Submission_Guidelines">Submission Guidelines</a></li>
+        </ul>
+
+        <h1 id="Vulnerability_Disclosure">How to Disclose a Vulnerability?</h1>
+        <p>
+          For vulnerabilities that impact the confidentiality, integrity and
+          availability of monkeytype services, please send your disclosure via
+          (1)
+          <a href="mailto:jack@monkeytype.com">mail</a>
+          , or (2) private discord chat to
+          <a href="https://www.discord.gg/monkeytype">miodec</a>
+          . For non-security related platform bugs, follow the bug submission
+          <a
+            href="https://github.com/Miodec/monkeytype#bug-report-or-feature-request"
+          >
+            guidelines
+          </a>
+          .Include as much detail as possible to ensure reproducibility. At a
+          minimum, vulnerability disclosures should include:
+        </p>
+        <ul>
+          <li>Vulnerability Description</li>
+          <li>Proof of Concept</li>
+          <li>Impact</li>
+          <li>Screenshots or Proof</li>
+        </ul>
+
+        <h1 id="Submission_Guidelines">Submission Guidelines</h1>
+        <p>
+          Do not engage in activities that might cause a denial of service
+          condition, create significant strains on critical resources, or
+          negatively impact users of the site outside of test accounts.
+        </p>
+      </div>
+    </div>
+    <!-- TODO: Add image to go back to top of page -->
+  </body>
+</html>