diff --git a/deny.toml b/deny.toml
new file mode 100644
index 0000000..574ff78
--- /dev/null
+++ b/deny.toml
@@ -0,0 +1,38 @@
+# cargo-deny configuration
+# https://embarkstudios.github.io/cargo-deny/
+
+[licenses]
+# Allow common open source licenses
+allow = [
+ "MIT",
+ "Apache-2.0",
+ "BSD-2-Clause",
+ "BSD-3-Clause",
+ "ISC",
+ "Unlicense",
+ "MPL-2.0",
+]
+
+# Allow licenses with specific exceptions
+exceptions = []
+
+# Confidence threshold for license detection
+confidence-threshold = 0.8
+
+[bans]
+# Warn on multiple versions of same crate
+multiple-versions = "warn"
+wildcards = "allow"
+deny = []
+
+[sources]
+# Ensure all dependencies come from crates.io
+unknown-registry = "deny"
+unknown-git = "deny"
+
+[advisories]
+# Check for security vulnerabilities
+vulnerability = "deny"
+unmaintained = "warn"
+unsound = "warn"
+yanked = "warn"
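Review bot: In `[bans]`, `wildcards = "allow"` lets a `*` version requirement pass without any report, which weakens the dependency control the rest of the file sets up; `wildcards = "deny"` (or at least `"warn"`) would surface it. In `[advisories]`, `unsound = "warn"` and `yanked = "warn"` mean an unsound or yanked crate does not fail the check, so only `vulnerability` actually gates; consider `unsound = "deny"` and `yanked = "deny"`, with any accepted advisory listed under `ignore` alongside a comment giving the reason. As far as I know, newer cargo-deny releases dropped the `vulnerability` and `unsound` keys and changed `unmaintained` from a lint level to a scope value, so it is worth confirming this file parses with the cargo-deny version the CI job installs.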