diff --git a/.gitea/workflows/sonarqube.yaml b/.gitea/workflows/sonarqube.yaml
index 47c4e68..606662e 100644
--- a/.gitea/workflows/sonarqube.yaml
+++ b/.gitea/workflows/sonarqube.yaml
@@ -27,10 +27,26 @@ jobs:
     - name: Run TFLint
       run: tflint --format compact
 
+  tfsec:
+    name: Tfsec Security Scan
+    runs-on: ubuntu-latest
+    needs: tflint
+    steps:
+    - name: Checking out
+      uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+
+    - name: Run Tfsec
+      uses: aquasecurity/tfsec-action@v1.0.3
+      with:
+        format: default
+        soft_fail: false
+
   checkov:
     name: Checkov Security Scan
     runs-on: ubuntu-latest
-    needs: tflint
+    needs: tfsec
     steps:
     - name: Checking out
       uses: actions/checkout@v4