diff --git a/.github/workflows/pr-security.yml b/.github/workflows/pr-security.yml
new file mode 100644
index 000000000..1f5453ed2
--- /dev/null
+++ b/.github/workflows/pr-security.yml
@@ -0,0 +1,27 @@
+on:
+  pull_request:
+    branches: [develop, release/**]
+  workflow_dispatch:
+
+jobs:
+  client-dependencies:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@master
+      - name: Run Snyk to check for vulnerabilities
+        uses: snyk/actions/node@master
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+  server-dependencies:
+    name: Scan server dependencies
+    runs-on: ubuntu-latest
+    env:
+      GO111MODULE: on
+      NANCY_VERSION: v1.0.11
+    steps:
+      - name: Checkout Source
+        uses: actions/checkout@v2
+      - name: Download Nancy binary
+        run: curl -L "https://github.com/sonatype-nexus-community/nancy/releases/download/$NANCY_VERSION/nancy-$NANCY_VERSION-linux-amd64" -o nancy && chmod +x nancy
+      - name: Scan modules
+        run: cd api && go list -json -m all | ../nancy sleuth
diff --git a/.github/workflows/quality-scan.yml b/.github/workflows/quality-scan.yml
index 8c212d4b4..886820954 100644
--- a/.github/workflows/quality-scan.yml
+++ b/.github/workflows/quality-scan.yml
@@ -1,8 +1,7 @@
 on:
-  push:
-    branches: [develop, release/**, feat/ce-220-security-scan]
+  # runs on default branch
   schedule:
-    - cron: "24 11 * * *"
+    - cron: "0 11 * * *"
   workflow_dispatch:
 
 jobs:
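Review bot: Both `actions/checkout@master` and `snyk/actions/node@master` in client-dependencies track a mutable branch, so the security-scan workflow itself runs whatever those repositories push next; pin them to a release tag or, better, a full commit SHA (the second job already uses `actions/checkout@v2`, so at minimum use one consistent ref in both jobs). The Nancy step has the same shape of risk: the binary is fetched with curl and executed with no integrity check, so the download step should also verify the asset's checksum against the value published with that release before `chmod +x`. The workflow declares no `permissions:` block, so the job token gets the repository default; a top-level `permissions:` with `contents: read` is enough for both jobs, since neither writes anything back. `GO111MODULE: on` is a YAML 1.1 boolean-looking scalar — quoting it as `"on"` keeps any parser from turning it into `true`. Note also that `secrets.SNYK_TOKEN` is not exposed to `pull_request` runs from forks, so the Snyk step will fail for those PRs unless that is the intended outcome.
```yaml
permissions:
  contents: read
# … unchanged: on:, jobs.client-dependencies (with both @master refs pinned to a tag or SHA) …
      - name: Download Nancy binary
        run: |
          curl -L "https://github.com/sonatype-nexus-community/nancy/releases/download/$NANCY_VERSION/nancy-$NANCY_VERSION-linux-amd64" -o nancy
          # <EXPECTED_SHA256> is a placeholder: take it from the checksum published with the $NANCY_VERSION release asset
          echo "<EXPECTED_SHA256>  nancy" | sha256sum -c -
          chmod +x nancy
# … unchanged: Scan modules step …
```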
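Review bot: The comment `# runs on default branch` replaces the `push:` trigger but does not say why that holds, and because it sits where a trigger key used to be a reader may take it for a leftover; make the reason explicit, e.g. `# schedule events always run against the default branch, so no push trigger is needed`. With `push` removed, the quality scan no longer runs for `release/**` branches at all, since the cron only ever executes on the default branch — if release branches still need scanning, that is a coverage gap worth confirming before merging. The `jobs:` mapping continues outside the hunk.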