diff --git a/jupyter/exposedui/README.md b/jupyter/exposedui/README.md
index a04354d8..cf5f49af 100644
--- a/jupyter/exposedui/README.md
+++ b/jupyter/exposedui/README.md
@@ -6,3 +6,11 @@ application. The service listens on port `80`.
 This configs deploys the following services:
 
 -   `jupyter`: the Jupyter Notebook application.
+
+
+## Docker Compose
+```
+docker compose up
+```
+
+The vulnerable instance will run on port `8081` and the safe instance will run on port `8082`.
\ No newline at end of file
diff --git a/jupyter/exposedui/docker-compose.yml b/jupyter/exposedui/docker-compose.yml
new file mode 100644
index 00000000..154dc086
--- /dev/null
+++ b/jupyter/exposedui/docker-compose.yml
@@ -0,0 +1,25 @@
+version: "3.9"
+
+services:
+  jupyter-vuln:
+    image: jupyter/base-notebook@sha256:8c903974902b0e9d45d9823c2234411de0614c5c98c4bb782b3d4f55b3e435e6
+    container_name: jupyter-vuln
+    ports:
+      - "8081:8888"
+    command: >
+      start-notebook.sh
+      --NotebookApp.token=''
+      --NotebookApp.allow_origin='*'
+      --NotebookApp.ip='0.0.0.0'
+      --NotebookApp.open_browser=False
+  jupyter-safe:
+    image: jupyter/base-notebook@sha256:8c903974902b0e9d45d9823c2234411de0614c5c98c4bb782b3d4f55b3e435e6
+    container_name: jupyter-safe
+    ports:
+      - "8082:8888"
+    command: >
+      start-notebook.sh
+      --NotebookApp.token='tsunami-not-a-secure-token'
+      --NotebookApp.allow_origin='*'
+      --NotebookApp.ip='0.0.0.0'
+      --NotebookApp.open_browser=False