diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml
deleted file mode 100644
index 0c5a7e58..00000000
--- a/.github/workflows/sonar.yml
+++ /dev/null
@@ -1,84 +0,0 @@ -name: SAST - SonarCloud -on: - push: - branches-ignore: - - 'dependabot/*' - pull_request_target: - workflow_dispatch: - -jobs: - check_secret: - name: Check secret presence - runs-on: ubuntu-latest - steps: - - run: if [[ -z "$SONAR_TOKEN" ]]; then exit 1; else echo "Secret exists. The workflow will be continued"; fi - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - - P_WD_analysis: - name: SAST - SonarCloud - Push/WD analysis - needs: check_secret - runs-on: ubuntu-latest - if: (github.event_name == 'push'|| github.event_name == 'workflow_dispatch') - steps: - - name: Checkout project sources - uses: actions/checkout@v4 - with: - fetch-depth: 0 #Shallow clones should be disabled for a better relevancy of SonarCloud analysis - - uses: actions/setup-java@v3 - with: - distribution: 'temurin' - java-version: '17' - - name: Cache SonarCloud packages - uses: actions/cache@v3 - with: - path: ~/.sonar/cache - key: ${{ runner.os }}-sonar - restore-keys: ${{ runner.os }}-sonar - - name: Validate Gradle Wrapper - uses: gradle/wrapper-validation-action@v1 - - name: setup projectkey - run: echo "PROJECTKEY=${{ github.repository_owner}}_$(echo ${{ github.repository }} | sed 's/.*\///')" >> $GITHUB_ENV - - name: Build with Gradle Wrapper & Run Sonar - uses: gradle/gradle-build-action@v2.9.0 - with: - gradle-version: wrapper - arguments: test jacocoTestReport sonar --info --full-stacktrace -Dsonar.organization=${{ github.repository_owner }} -Dsonar.projectKey=${{ env.PROJECTKEY }} - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - CI: true - - PR_analysis: - name: SAST - SonarCloud - PR analysis - needs: check_secret - runs-on: ubuntu-latest - if: (github.event_name == 'pull_request_target') - steps: - - name: Checkout project sources - uses: actions/checkout@v4 - with: - fetch-depth: 0 #Shallow clones should be disabled for a better relevancy of SonarCloud analysis - - uses: actions/setup-java@v3 - with: - 
distribution: 'temurin' - java-version: '17' - - name: Cache SonarCloud packages - uses: actions/cache@v3 - with: - path: ~/.sonar/cache - key: ${{ runner.os }}-sonar - restore-keys: ${{ runner.os }}-sonar - - name: Validate Gradle Wrapper - uses: gradle/wrapper-validation-action@v1 - - name: setup projectkey - run: echo "PROJECTKEY=${{ github.repository_owner}}_$(echo ${{ github.repository }} | sed 's/.*\///')" >> $GITHUB_ENV - - name: Build with Gradle Wrapper & Run Sonar - uses: gradle/gradle-build-action@v2.9.0 - with: - gradle-version: wrapper - arguments: sonar --info --full-stacktrace -Dsonar.organization=${{ github.repository_owner }} -Dsonar.projectKey=${{ env.PROJECTKEY }} -Dsonar.pullrequest.key=${{ github.event.pull_request.number }} -Dsonar.pullrequest.base=${{ github.event.pull_request.base.ref }} -Dsonar.pullrequest.branch=${{ github.event.pull_request.head.ref }} - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - CI: true
\ No newline at end of file
diff --git a/build.gradle.kts b/build.gradle.kts
index 6d49001e..5d6ca5c8 100644
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -12,6 +12,7 @@ plugins {
 alias(libs.plugins.kotlin.plugin.spring)
 alias(libs.plugins.kotlin.plugin.serialization)
 alias(libs.plugins.spotless)
+ alias(libs.plugins.dependency.check)
 }
 
 group = "eu.europa.ec.eudi"
diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
index 70b6227d..d1426868 100644
--- a/gradle/libs.versions.toml
+++ b/gradle/libs.versions.toml
@@ -14,6 +14,7 @@ nimbusJoseJwt = "9.37.1"
 nimbusOAuth2 = "11.6"
 eudiSdJwt = "0.1.0-SNAPSHOT"
 bouncyCastle = "1.77"
+dependencyCheck = "8.4.2"
 
 [libraries]
 kotlinx-coroutines-core = { module = "org.jetbrains.kotlinx:kotlinx-coroutines-core", version.ref = "coroutines" }
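Review bot: Adding `alias(libs.plugins.dependency.check)` to the plugins block registers the OWASP task but does not on its own gate the build: the plugin's default `failBuildOnCVSS` threshold sits above any real CVSS score, so `dependencyCheckAnalyze` reports findings without failing, and nothing in this diff invokes the task while the only CI workflow that ran analysis (sonar.yml) is deleted in the same commit. The rest of build.gradle.kts is outside the hunk, so a configuration block may already exist there; if it does not, add one such as `dependencyCheck { failBuildOnCVSS = 7.0f; suppressionFile = "<path-to-suppressions.xml>" }` and run the task from CI next to the unit tests so a vulnerable dependency blocks the merge. A one-line comment on the alias, e.g. `// OWASP dependency-check: configured in the dependencyCheck {} block, run in CI via dependencyCheckAnalyze`, would make the intended enforcement visible to the next reader.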
@@ -36,4 +37,4 @@ spotless = { id = "com.diffplug.spotless", version.ref = "spotless" }
 kotlin-jvm = { id = "org.jetbrains.kotlin.jvm", version.ref = "kotlin" }
 kotlin-plugin-spring = { id = "org.jetbrains.kotlin.plugin.spring", version.ref = "kotlin" }
 kotlin-plugin-serialization = { id = "org.jetbrains.kotlin.plugin.serialization", version.ref = "kotlin" }
-
+dependency-check = { id = "org.owasp.dependencycheck", version.ref = "dependencyCheck" }
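Review bot: The `dependency-check` plugin declared here resolves through `version.ref = "dependencyCheck"` to 8.4.2 from the `[versions]` hunk above, and the 8.x line obtains its vulnerability data from the NVD legacy JSON feeds, which NVD has retired in favour of its API; if this change lands after that cut-over the analyzer can no longer refresh its database, and a scan against stale or empty data gives a false sense of coverage. Consider pinning the 9.x line, which uses the NVD API, and supplying the key through the plugin's `nvd { apiKey = ... }` block from a CI secret rather than from the build file. Whichever version is kept, document in the project's build notes that a failed database update is to be treated as a failed scan, not a clean one.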