diff --git a/README.md b/README.md
index 0431e656d..d8537d278 100644
--- a/README.md
+++ b/README.md
@@ -66,7 +66,7 @@ The core development principles and strategies that OpenZeppelin Contracts is ba
 
 The latest audit was done on October 2018 on version 2.0.0.
 
-Please report any security issues you find via our [bug bounty program on Immunefi](https://www.immunefi.com/bounty/openzeppelin) or directly to security@openzeppelin.org.
+We have a [**bug bounty program** on Immunefi](https://www.immunefi.com/bounty/openzeppelin). Please report any security issues you find through the Immunefi dashboard, or reach out to security@openzeppelin.com.
 
 Critical bug fixes will be backported to past major releases.
 
diff --git a/SECURITY.md b/SECURITY.md
index d1c6c6643..98701be69 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -1,5 +1,11 @@
 # Security Policy
 
+## Bug Bounty
+
+We have a [**bug bounty program** on Immunefi](https://www.immunefi.com/bounty/openzeppelin). Please report any security issues you find through the Immunefi dashboard, or reach out to security@openzeppelin.com.
+
+Critical bug fixes will be backported to past major releases.
+
 ## Supported Versions
 
 The recommendation is to use the latest version available.
@@ -12,9 +18,3 @@ The recommendation is to use the latest version available.
 | < 2.0   | :x:                                  |
 
 Note that the Solidity language itself only guarantees security updates for the latest release.
-
-## Reporting a Vulnerability
-
-Please report any security issues you find to security@openzeppelin.org.
-
-Critical bug fixes will be backported to past major releases.