diff --git a/SECURITY.md b/SECURITY.md
index b10980cb..6d1b95da 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -1,10 +1,14 @@
-# Security Policy
+# Security policy
 
-## Reporting a Vulnerability
+## Reporting a vulnerability
 
-To report a vulnerability, please send an email to `security@httpie.io` describing the:
+When you identify a vulnerability in HTTPie, please report it privately using one of the following channels:
 
-- The description of the vulnerability itself
-- A short reproducer to verify it (you can submit a small HTTP server, a shell script, a docker image etc.)
-- The severity level classification (`LOW`/`MEDIUM`/`HIGH`/`CRITICAL`)
-- If associated with any, the [CWE](https://cwe.mitre.org/) ID.
+- Email to [`security@httpie.io`](mailto:security@httpie.io)
+- Report on [huntr.dev](https://huntr.dev/)
+
+In addition to the description of the vulnerability, please include also:
+
+- A short reproducer to verify it (it can be a small HTTP server, shell script, docker image, etc.)
+- Your deemed severity level of the vulnerability (`LOW`/`MEDIUM`/`HIGH`/`CRITICAL`)
+- [CWE](https://cwe.mitre.org/) ID, if available.
diff --git a/docs/README.md b/docs/README.md
index 50912955..836c478d 100644
--- a/docs/README.md
+++ b/docs/README.md
@@ -2252,7 +2252,7 @@ $ http --session=./session.json pie.dev/headers Cookie:foo=bar
 
 In summary:
 
-- Cookies set via the CLI overwrite cookies of the same name inside session files. 
+- Cookies set via the CLI overwrite cookies of the same name inside session files.
 - Server-sent `Set-Cookie` header cookies overwrite any pre-existing ones with the same name.
 
 Cookie expiration handling:
@@ -2293,7 +2293,7 @@ Upgraded 'session.json' @ 'pie.dev' to v3.1.0
 These flags are available for both `sessions upgrade` and `sessions upgrade-all`:
 
 ------------------|------------------------------------------
-`--bind-cookies`  | Bind all previously [unbound cookies](#host-based-cookie-policy) to the session’s host. 
+`--bind-cookies`  | Bind all previously [unbound cookies](#host-based-cookie-policy) to the session’s host.
 
 ## Config
 
@@ -2532,6 +2532,10 @@ Helpers to convert from other client tools:
 
 See [CONTRIBUTING](https://github.com/httpie/httpie/blob/master/CONTRIBUTING.md).
 
+### Security policy
+
+See [github.com/httpie/httpie/security/policy](https://github.com/httpie/httpie/security/policy).
+
 ### Change log
 
 See [CHANGELOG](https://github.com/httpie/httpie/blob/master/CHANGELOG.md).