diff --git a/.dryrunsecurity.yaml b/.dryrunsecurity.yaml
new file mode 100644
index 00000000..685da3e9
--- /dev/null
+++ b/.dryrunsecurity.yaml
@@ -0,0 +1,12 @@
+sensitiveCodepaths:
+  # Files only allowed authors can modify
+  # - 'app.js'
+  # - 'controllers/**/*.js'
+allowedAuthors:
+  usernames:
+    # GitHub username
+    # - 'john-doe'
+notificationList:
+  # GitHub username or team name
+  # - '@DryRunSec/security'
+  # - '@john-doe'