diff --git a/.github/workflows/securityScan.yml b/.github/workflows/securityScan.yml
new file mode 100644
index 00000000..a733d908
--- /dev/null
+++ b/.github/workflows/securityScan.yml
@@ -0,0 +1,21 @@
+name: Run trivy security scan
+on:
+ push:
+ branches:
+ - 'develop'
+ pull_request:
+jobs:
+ build:
+ name: Build
+ runs-on: ubuntu-20.04
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v3
+ - name: Run Trivy vulnerability scanner in fs mode
+ uses: aquasecurity/trivy-action@master
+ with:
+ scan-type: 'fs'
+ scan-ref: '.'
+ format: 'table'
+ exit-code: 1
+ severity: CRITICAL
\ No newline at end of file
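Review bot: The Trivy step uses `aquasecurity/trivy-action@master`, a mutable branch ref, so whatever is at the tip of that branch runs in this job on every push to develop and on every pull request, with no corresponding change visible in this repository. Pin it to a reviewed full commit SHA with the release noted in a trailing comment, e.g. `uses: aquasecurity/trivy-action@<full-commit-sha>  # <release-tag>` (placeholders), and consider doing the same for `actions/checkout@v3`, which is a movable tag. The workflow also declares no `permissions:` key, so the job's GITHUB_TOKEN gets the repository default; a read-only filesystem scan should need only a top-level `permissions:` block with `contents: read`. With `severity: CRITICAL` and `exit-code: 1`, HIGH findings are filtered out and never fail the build; if that threshold is deliberate, a one-line comment above `severity` saying so would help the next maintainer.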
diff --git a/pom.xml b/pom.xml
index 44998d6d..238b7302 100644
--- a/pom.xml
+++ b/pom.xml
@@ -39,6 +39,7 @@
2.10.6
5.0.0
2.7.5
+ 4.9.1
@@ -146,6 +147,11 @@
liquibase-maven-plugin
${liquibase-maven-plugin.version}
+
+ org.liquibase
+ liquibase-core
+ ${liquibase-core.version}
+