diff --git a/security_tools.yaml b/security_tools.yaml
new file mode 100644
index 0000000..597365c
--- /dev/null
+++ b/security_tools.yaml
@@ -0,0 +1,54 @@
+# Tribe and Squad identification
+tribe: fivestars
+squad: fivestars
+
+security_tools:
+
+  # Secrets Detection
+  secrets_detection:
+    enabled: 1
+    secrets_scanning: 1
+    pr_based:
+      enabled: 0
+
+  # Static Application Security Testing (SAST)
+  sast:
+    enabled: 1
+    tools:
+      codeQL:
+        enabled: 1
+        config_file_path: '-'
+      veracode:
+        enabled: 0
+      sonarcloud:
+        enabled: 0
+      sobelow:
+        enabled: 0
+      credo:
+        enabled: 0
+      klocwork:
+        enabled: 0
+
+  # SCA (Software Composition Analysis)
+  sca:
+    dependabot:
+      enabled: 1
+      config_file_path: '.github/dependabot.yml'
+    dependency_review:
+      enabled: 0
+
+  # Container Security
+  container_security:
+    trivy:
+      enabled: 0
+      config_file_path: '-'
+
+  # IaC (Infrastructure-as-code) security
+  iac_security:
+    tfsec:
+      enabled: 0
+
+  # Dynamic Application Security Testing (DAST)
+  dast:
+    zap:
+      enabled: 0