diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 14395ac..24ff5ec 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,18 +1,26 @@
+# You can override the included template(s) by including variable overrides
+# SAST customization: https://docs.gitlab.com/ee/user/application_security/sast/#customizing-the-sast-settings
+# Secret Detection customization: https://docs.gitlab.com/ee/user/application_security/secret_detection/#customizing-settings
+# Dependency Scanning customization: https://docs.gitlab.com/ee/user/application_security/dependency_scanning/#customizing-the-dependency-scanning-settings
+# Note that environment variables can be set in several places
+# See https://docs.gitlab.com/ee/ci/variables/#cicd-variable-precedence
 stages:
-  - test
-  - publish
-
+- test
+- publish
 running tests for tag:
   image: mcr.microsoft.com/dotnet/sdk:5.0
   stage: test
   script:
-    - dotnet test tests/update-tag.tests
-
+  - dotnet test tests/update-tag.tests
 publish to nuget:
   only:
-    - /^\d*.\d*.\d*$/ # gets triggered if the commit tag is in the form n.n.n where n is any number
+  - "/^\\d*.\\d*.\\d*$/"
   image: mcr.microsoft.com/dotnet/sdk:5.0
   stage: publish
   script:
-    - dotnet pack src/Cli -o ./packaged
-    - dotnet nuget push ./packaged/*.nupkg -k $NUGET_API_KEY -s https://api.nuget.org/v3/index.json
+  - dotnet pack src/Cli -o ./packaged
+  - dotnet nuget push ./packaged/*.nupkg -k $NUGET_API_KEY -s https://api.nuget.org/v3/index.json
+sast:
+  stage: test
+include:
+- template: Security/SAST.gitlab-ci.yml