diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 910c67da2a..eb0c6600bc 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -213,8 +213,9 @@ and how to reproduce it if known, your browser/OS if relevant, and a
 if appropriate.
 
 **Reporting security issues**. Please do not report security issues
-  publicly, including on public streams on chat.zulip.org. You can email
-  zulip-security@googlegroups.com. We create a CVE for every security issue.
+  publicly, including on public streams on chat.zulip.org. You can
+  email security@zulipchat.com.  We create a CVE for every security
+  issue in our released software.
 
 ## User feedback
 
diff --git a/docs/production/security-model.md b/docs/production/security-model.md
index b226d66b2a..3cc938353b 100644
--- a/docs/production/security-model.md
+++ b/docs/production/security-model.md
@@ -1,13 +1,12 @@
 # Security Model
 
-This section attempts to document the Zulip security model.
-It likely does not cover every issue; if
-there are details you're curious about, please feel free to ask
-questions in [#production help](https://chat.zulip.org/#narrow/stream/31-production-help)
-on the [Zulip community server](../contributing/chat-zulip-org.md)
-(or if you think
-you've found a security bug, please report it to
-zulip-security@googlegroups.com so we can do a responsible security
+This section attempts to document the Zulip security model.  It likely
+does not cover every issue; if there are details you're curious about,
+please feel free to ask questions in [#production
+help](https://chat.zulip.org/#narrow/stream/31-production-help) on the
+[Zulip community server](../contributing/chat-zulip-org.md) (or if you
+think you've found a security bug, please report it to
+security@zulipchat.com so we can do a responsible security
 announcement).
 
 ## Secure your Zulip server like your email server
@@ -244,9 +243,9 @@ strength allowed is controlled by two settings in
 ## Final notes and security response
 
 If you find some aspect of Zulip that seems inconsistent with this
-security model, please report it to zulip-security@googlegroups.com so
-that we can investigate and coordinate an appropriate security release
-if needed.
+security model, please report it to security@zulipchat.com so that we
+can investigate and coordinate an appropriate security release if
+needed.
 
 Zulip security announcements will be sent to
 zulip-announce@googlegroups.com, so you should subscribe if you are