diff --git a/.github/workflows/security-report.yaml b/.github/workflows/security-report.yaml
new file mode 100644
index 000000000..7efe914ed
--- /dev/null
+++ b/.github/workflows/security-report.yaml
@@ -0,0 +1,30 @@
+name: Test security reports
+
+on:
+ push:
+ branches:
+ - main
+ pull_request:
+ branches:
+ - main
+
+jobs:
+ sast-codeql-analyze:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Create release files
+ run: mkdir reports
+
+ - name: Generate Security Report
+ uses: rsdmike/github-security-report-action@v3.0.4
+ with:
+ template: summary
+ token: ${{ secrets.GITHUB_TOKEN }}
+ sarifReportDir: "reports"
+ outputDir: "security-reports"
+
+ - name: Upload Generated CodeQL Analysis Security Report as Artifact
+ uses: actions/upload-artifact@v4
+ with:
+ name: security_report
+ path: security-reports
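Review bot: The `Generate Security Report` step hands `secrets.GITHUB_TOKEN` to a third-party action referenced by a mutable tag (`rsdmike/github-security-report-action@v3.0.4`), and the workflow declares no `permissions:` block, so the token carries whatever the repository default grants. Pin the action to a full commit SHA, e.g. `uses: rsdmike/github-security-report-action@<full-commit-sha>  # v3.0.4`, and add a job-level `permissions:` block limited to what the report needs (probably `contents: read` and `security-events: read`; confirm against the action's documentation). Separately, `mkdir reports` creates an empty directory and no step visible in this job runs CodeQL or places SARIF files in it, so `sarifReportDir: "reports"` appears to point at nothing; the job name `sast-codeql-analyze` suggests an analysis or download step was intended before the report step.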