diff --git a/.github/workflows/vulnerability-scan.yaml b/.github/workflows/vulnerability-scan.yaml
new file mode 100644
index 0000000..69faf24
--- /dev/null
+++ b/.github/workflows/vulnerability-scan.yaml
@@ -0,0 +1,27 @@
+name: Vulnerability Scan
+
+on:
+  release:
+    types: [ created ]
+
+jobs:
+  vulnerability-scan:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    steps:
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: build local container
+        uses: docker/build-push-action@v4
+        with:
+          tags: docker.io/guardgress:1.0.0-dev
+          push: false
+          load: true
+
+      - name: Scan image
+        uses: anchore/scan-action@v3
+        with:
+          image: "docker.io/guardgress:1.0.0-dev"
\ No newline at end of file
diff --git a/README.md b/README.md
index e647a34..c044ffb 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,6 @@
 # Guardgress
 ![Tests](https://github.com/h3adex/guardgress/actions/workflows/test-go-code.yaml/badge.svg)
+![Vulnerability Scan](https://github.com/h3adex/guardgress/actions/workflows/vulnerability-scan.yaml/badge.svg)
 ![Docker](https://github.com/h3adex/guardgress/actions/workflows/publish-to-docker.yaml/badge.svg)
 
 Guardgress showcases a Web Application Firewall (WAF) integration within
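Review bot: The job's `permissions:` block grants `packages: write`, but nothing in the workflow pushes a package — the build step sets `push: false` / `load: true` and the scan step only reads the local image — so the token is over-privileged for a job that runs third-party actions; reduce it to `permissions:` / `contents: read`. The three actions are also referenced by mutable major tags (`docker/setup-buildx-action@v2`, `docker/build-push-action@v4`, `anchore/scan-action@v3`); pinning them to full commit SHAs with a version comment would stop a compromised or force-moved tag from running arbitrary code with the job's token. Separately, triggering only on `release: created` means the scan runs after the release already exists, so a failed scan cannot gate it; consider adding a `pull_request` or `push` trigger on the main branch so findings block merges rather than just annotating a published release. Finally, the scanned image is tagged with the fixed string `1.0.0-dev` rather than the release tag, so the scan log will not record which release was actually scanned — deriving the tag from `github.ref_name` would make the result traceable.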