diff --git a/README.md b/README.md
index 190ddf52ee3417652d94a69c569a1b2eeef0a232..6ae2a7b08336e12e77e1a848dae8583d7b2f20aa 100644
--- a/README.md
+++ b/README.md
@@ -102,13 +102,9 @@ All changes or deprecations of connector features will be announced in the [rele
 * Client libraries
   * [Go][go-oidc]
 
-## Reporting a security vulnerability
+## Reporting a vulnerability
 
-Due to their public nature, GitHub and mailing lists are NOT appropriate places
-for reporting vulnerabilities.
-
-Please email the [maintainers list](mailto:cncf-dex-maintainers@lists.cncf.io) to report issues that may
-be security-related.
+Please see our [security policy](.github/SECURITY.md) for details about reporting vulnerabilities.
 
 ## Getting help