diff --git a/SECURITY.md b/SECURITY.md index 08e9ac0eed..8dfe393363 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -44,6 +44,18 @@ Please restrain from publicly discussing a potential security vulnerability. It's better to discuss privately and try to find a solution first, to limit the potential impact as much as possible. +## How FastAPI Handles Security + +If you are wondering, we implement security best practices in how the repository is handled, including: + +* Protected branches with required checks. +* MFA required for team members. +* Packages published via trusted publishing. +* Sha-pinned GitHub Actions. +* No GitHub Actions' workflows combining `pull_request_target` and `actions/checkout`. +* Automated dependency PR updates, with a cool down period. +* etc. + --- Thanks for your help!
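Review bot: the new "How FastAPI Handles Security" list ends with a bare "* etc." bullet, which does not belong in a security policy: a reader cannot verify an "etc.", so either drop it or replace it with a pointer to where the remaining measures can be inspected (for example the repository's workflow files). Three wording points in the same hunk: "Sha-pinned GitHub Actions" should read "SHA-pinned GitHub Actions", "No GitHub Actions' workflows combining ..." should drop the stray apostrophe ("No GitHub Actions workflows combining ..."), and "with a cool down period" should be "with a cooldown period". Since the hunk already touches this paragraph, the pre-existing context line "Please restrain from publicly discussing" could also be corrected to "Please refrain from publicly discussing" in the same PR.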