diff --git a/.github/workflows/scan-gosec.yaml b/.github/workflows/scan-gosec.yaml
index 066564e3..0ddf041e 100644
--- a/.github/workflows/scan-gosec.yaml
+++ b/.github/workflows/scan-gosec.yaml
@@ -10,8 +10,6 @@ on:
 pull_request:
 branches:
 - main
- schedule:
- - cron: '0 0 * * 0'
 jobs:
 tests:
 runs-on: ubuntu-latest
diff --git a/.github/workflows/scan-kics.yaml b/.github/workflows/scan-kics.yaml
new file mode 100644
index 00000000..4c049b0a
--- /dev/null
+++ b/.github/workflows/scan-kics.yaml
@@ -0,0 +1,45 @@
+name: Scan CVEs - KICS
+
+permissions:
+ contents: read
+
+on:
+ push:
+ branches:
+ - main
+ pull_request:
+ branches:
+ - main
+jobs:
+ kics:
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+ steps:
+ - name: Checkout Source
+ uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+
+ - name: run kics Scan
+ uses: checkmarx/kics-github-action@94469746ec2c43de89a42fb9d2a80070f5d25b16 # v2.1.3
+ with:
+ output_formats: 'sarif'
+
+ - name: display kics results
+ run: |
+ cat results.sarif
+
+ - name: Upload artifact
+ uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+ with:
+ name: SARIF file
+ path: results.sarif
+ retention-days: 5
+
+ - name: Upload SARIF file
+ uses: github/codeql-action/upload-sarif@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
+ with:
+ sarif_file: results.sarif
+
+
\ No newline at end of file
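Review bot: The three steps after `run kics Scan` (`display kics results`, `Upload artifact`, `Upload SARIF file`) carry no `if: always()`, so if the KICS action exits non-zero when it reports findings — which, as far as I can tell from the action's documented `fail_on` default rather than from anything in this hunk, it does — the SARIF is never uploaded to code scanning on exactly the runs where it matters. Either add `if: always()` to those three steps, or add `ignore_on_exit: results` under the kics step's `with:` so the scan step itself succeeds and the gate is left to the code-scanning alerts. I would also confirm that `results.sarif` is the name the action writes when only `output_formats: 'sarif'` is set and no `output_path` is given, since the later steps hard-code that path. On pull requests from forks the `GITHUB_TOKEN` is read-only, so `security-events: write` will not be honoured and the `upload-sarif` step will fail for those runs; a `push`-only upload or an `if: github.event.pull_request.head.repo.full_name == github.repository` guard avoids the noise. Minor: the file appears to end with a whitespace-only line and no trailing newline, and the name `Scan CVEs - KICS` is misleading for an IaC misconfiguration scanner — `Scan IaC - KICS` describes what the job does.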