diff --git a/.github/workflows/maven-library-build.yml b/.github/workflows/maven-library-build.yml
index bbe8afa..026e274 100644
--- a/.github/workflows/maven-library-build.yml
+++ b/.github/workflows/maven-library-build.yml
@@ -67,3 +67,4 @@ jobs:
       - name: Upload code coverage
         uses: codecov/codecov-action@v3
+
diff --git a/.github/workflows/maven-service-build.yml b/.github/workflows/maven-service-build.yml
index 164481d..b45f270 100644
--- a/.github/workflows/maven-service-build.yml
+++ b/.github/workflows/maven-service-build.yml
@@ -31,7 +31,7 @@ jobs:
         uses: actions/checkout@v3
       - name: Run Build Java
-        uses: valitydev/action-jdk-build@v0.0.14
+        uses: valitydev/action-jdk-build@trivy
         with:
           jdk-version: ${{ inputs.java-version }}
           jdk-distribution: ${{ inputs.java-distribution }}
@@ -45,7 +45,7 @@ jobs:
         uses: actions/checkout@v3
       - name: Run Build Java
-        uses: valitydev/action-jdk-build@v0.0.14
+        uses: valitydev/action-jdk-build@trivy
         with:
           jdk-version: ${{ inputs.java-version }}
           jdk-distribution: ${{ inputs.java-distribution }}
@@ -54,3 +54,18 @@ jobs:
       - name: Upload code coverage
         uses: codecov/codecov-action@v3
+  scan:
+    name: Scan with Trivy
+    needs: build
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Install Trivy CLI
+        run: |
+          wget https://github.com/aquasecurity/trivy/releases/download/v0.39.1/trivy_0.39.1_Linux-64bit.deb
+          sudo dpkg -i trivy_0.39.1_Linux-64bit.deb
+      - uses: actions/download-artifact@v3
+        with:
+          name: bom.json
+      - name: Run Trivy with SBOM
+        run: trivy sbom --exit-code 1 --severity CRITICAL,HIGH ./bom.json
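Review bot: The new `uses: valitydev/action-jdk-build@trivy` line pins the build action to a mutable branch name rather than a release tag or commit SHA, so the code that runs in this job can change underneath the workflow without any change to this repository; the same ref is introduced again in the hunk at `@@ -45,7 +45,7 @@`. The surrounding steps (`actions/checkout@v3`, `codecov/codecov-action@v3`) use tags, so this reads as a temporary feature-branch reference that was meant to be replaced once the action's SBOM support is released. When it is, pin it to a tagged release or, preferably, a full commit SHA with the version noted in a trailing comment, e.g. `uses: valitydev/action-jdk-build@<full commit SHA of the released version>  # vX.Y.Z`.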
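Review bot: The `Install Trivy CLI` step in the new `scan` job fetches the Trivy package with `wget` and installs it with `sudo dpkg -i` without any integrity check, so the scanner that gates the build on `--exit-code 1` is itself whatever bytes the download returned. Verify the package against the SHA-256 published with the Trivy release before installing, e.g. insert `echo "<sha256 from the v0.39.1 release checksums>  trivy_0.39.1_Linux-64bit.deb" | sha256sum -c -` between the `wget` and `dpkg` lines, or replace the manual install with the maintained `aquasecurity/trivy-action` pinned to a tag or commit SHA. The `actions/download-artifact@v3` step expects an artifact named `bom.json` that nothing in this diff uploads; presumably the `@trivy` build action publishes it, so a comment such as `# bom.json is uploaded by valitydev/action-jdk-build in the build job` next to `needs: build` would make that coupling explicit. The `actions/checkout@v3` step in this job appears to be unused, since only the downloaded SBOM is scanned.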