diff --git a/.github/workflows/mend-scan.yml b/.github/workflows/mend-scan.yml
new file mode 100644
index 0000000..c73e60d
--- /dev/null
+++ b/.github/workflows/mend-scan.yml
@@ -0,0 +1,51 @@
+---
+name: 'Mend CLI Scan'
+
+on:
+  schedule:
+    - cron: '0 0 1 * *'
+  workflow_dispatch: {}
+
+permissions:
+  contents: 'read'
+  pull-requests: 'read'
+
+jobs:
+  mend-scan:
+    runs-on: 'ubuntu-latest'
+    name: 'Mend CLI Scan'
+    steps:
+      - name: 'Checkout code'
+        uses: 'actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd' # v6.0.2
+        with:
+          persist-credentials: false
+
+      # No build steps configured - customize manually if needed
+      - name: 'Download Mend CLI'
+        run: |
+          echo "Downloading Mend CLI"
+          curl -L https://downloads.mend.io/cli/linux_amd64/mend -o /usr/local/bin/mend
+          chmod +x /usr/local/bin/mend
+
+      - name: 'Mend CLI - SCA Scan'
+        env:
+          MEND_EMAIL: '${{ secrets.MEND_EMAIL }}'
+          MEND_USER_KEY: '${{ secrets.MEND_USER_KEY }}'
+          MEND_URL: '${{ secrets.MEND_URL }}'
+        run: |
+          echo "Running Mend SCA scan"
+          mend dep \
+            -u \
+            -s "Trimble, Inc.//devguide.trimble.com//devguide" \
+            -d "." \
+            --fail-policy
+      - name: 'Mend CLI - SAST Scan'
+        env:
+          MEND_EMAIL: '${{ secrets.MEND_EMAIL }}'
+          MEND_USER_KEY: '${{ secrets.MEND_USER_KEY }}'
+          MEND_URL: '${{ secrets.MEND_URL }}'
+        run: |
+          echo "Running Mend SAST scan"
+          mend code \
+            -s "Trimble, Inc.//devguide.trimble.com//devguide" \
+            -d "."
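Review bot: The 'Download Mend CLI' step fetches an unpinned binary over `curl -L` with no checksum or signature check and then runs it with `MEND_USER_KEY` and the checked-out source in scope, which undercuts the care taken to SHA-pin `actions/checkout` — whoever controls `downloads.mend.io` (or a redirect target, since `-L` follows them) controls what runs with those credentials. Pin a specific release and verify it before `chmod`, e.g. `curl -fsSL "$MEND_CLI_URL" -o /usr/local/bin/mend` followed by `echo "${MEND_CLI_SHA256}  /usr/local/bin/mend" | sha256sum -c -`, with the expected digest recorded in the workflow and bumped deliberately; adding `-f` also stops a 404 body from being saved and chmod'd as the executable. Separately, only the SCA step passes `--fail-policy`, so the SAST step appears to be informational and cannot fail the run — if that is intended, a comment such as `# SAST findings are reported to Mend only; they do not gate this workflow` would make it explicit. The `pull-requests: read` permission is not used by any step shown and can be dropped unless a later change needs it.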