diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
new file mode 100644
index 00000000..b8b12e38
--- /dev/null
+++ b/.github/workflows/main.yml
@@ -0,0 +1,23 @@
+name: CI
+
+on: [push]
+
+jobs:
+  sast_scan:
+    name: Rub bandit scan
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout code
+      uses: action/checkout@v2
+
+    - name: Set up Python
+      uses: actions/setup-python@v2
+      with: 
+        python-version: 3.8
+
+    - name: Install bandir
+      run: pip install bandit
+
+    -name: Run bandit scan
+      run: bandit -r .