diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
new file mode 100644
index 00000000..f7b28a66
--- /dev/null
+++ b/.github/workflows/codeql.yml
@@ -0,0 +1,97 @@
+name: "CodeQL Advanced"
+
+on:
+  push:
+  pull_request:
+  merge_group:
+  schedule: # Trigger a job on default branch at 4AM PST everyday
+    - cron: 0 11 * * *
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: windows-latest
+    permissions:
+      security-events: write
+    strategy:
+      fail-fast: false
+      matrix:
+        wdk:
+          - Microsoft.WindowsWDK.10.0.22621 # NI WDK
+
+        llvm:
+          - 17.0.6
+
+        rust_toolchain:
+          - stable
+          - beta
+          - nightly
+
+        cargo_profile:
+          - dev
+          - release
+
+        target_triple:
+          - x86_64-pc-windows-msvc
+          - aarch64-pc-windows-msvc
+
+        include:
+        - language: c-cpp
+          build-mode: manual
+  
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Install Winget
+      uses: ./.github/actions/winget-install
+      with:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+    - name: Install LLVM ${{ matrix.llvm }}
+      run: |
+        if ((Get-WinGetPackage -Id LLVM -Source winget -MatchOption Equals).InstalledVersion -eq '${{ matrix.llvm }}') {
+          Write-Host "LLVM ${{ matrix.llvm }} is already installed."
+        } else {
+          Write-Host "Installing LLVM ${{ matrix.llvm }}..."
+          Install-WinGetPackage -Id LLVM.LLVM -Version ${{ matrix.llvm }} -Source winget -MatchOption Equals -Mode Silent -Force
+        }
+        clang --version
+
+    - name: Install WDK (${{ matrix.wdk }})
+      run: |
+        if ((Get-WinGetPackage -Id ${{ matrix.wdk }} -Source winget -MatchOption Equals).Id -eq '${{ matrix.wdk }}') {
+          Write-Host "${{ matrix.wdk }} is already installed. Attempting to update..."
+          Update-WinGetPackage -Id ${{ matrix.wdk }} -Source winget -MatchOption Equals -Mode Silent -Force
+        } else {
+          Write-Host "Installing ${{ matrix.wdk }}..."
+          Install-WinGetPackage -Id ${{ matrix.wdk }} -Source winget -MatchOption Equals -Mode Silent -Force
+        }
+
+    - name: Install Rust Toolchain (${{ matrix.rust_toolchain }})
+      uses: dtolnay/rust-toolchain@master
+      with:
+        toolchain: ${{ matrix.rust_toolchain }}
+        components: clippy
+        targets: ${{ matrix.target_triple }}
+    
+    - name: Install Cargo Make
+      uses: taiki-e/install-action@v2
+      with:
+        tool: cargo-make
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v3
+      with:
+        languages: ${{ matrix.language }}
+        build-mode: ${{ matrix.build-mode }}
+        queries: security-extended,security-and-quality
+
+    - if: matrix.build-mode == 'manual'
+      working-directory: ./examples
+      run: cargo +${{ matrix.rust_toolchain }} make default --locked --profile ${{ matrix.cargo_profile }} --target ${{ matrix.target_triple }} --workspace
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v3
+      with:
+        category: "/language:${{matrix.language}}"