diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index ccac52604..ddc23b5ae 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -27,15 +27,21 @@ on:
               type: string
               default: "project-codeflare"
 
+env:
+  PR_BRANCH_NAME: snyk-tag-monitoring-${{ github.run_id }}
+
 jobs:
     release:
         runs-on: ubuntu-latest
         permissions:
             contents: write
             id-token: write  # This permission is required for trusted publishing
+            pull-requests: write # This permission is required for creating PRs
         steps:
             - name: Checkout the repository
               uses: actions/checkout@v4
+              with:
+                  token: ${{ secrets.GH_CLI_TOKEN }}
             - name: Install Python
               uses: actions/setup-python@v5
               with:
@@ -81,3 +87,21 @@ jobs:
               env:
                 GITHUB_TOKEN: ${{ secrets.CODEFLARE_MACHINE_ACCOUNT_TOKEN }}
               shell: bash
+
+            - name: Install Snyk CLI and setup monitoring for new release tag
+              env:
+                SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+                SNYK_ORG: ${{ secrets.SNYK_ORG }}
+              run: |
+                echo "Installing Snyk CLI"
+                npm install -g snyk
+
+                echo "Fetching tags"
+                git fetch origin 'refs/tags/*:refs/tags/*'
+
+                echo "Authenticating with Snyk"
+                snyk auth ${SNYK_TOKEN}
+
+                echo "Scanning project: codeflare-sdk/v${{ github.event.inputs.release-version }}"
+                git checkout v${{ github.event.inputs.release-version }}
+                snyk monitor --all-projects --exclude=requirements.txt --org=${SNYK_ORG} --target-reference="$(git describe --tags)"
diff --git a/.github/workflows/snyk-security.yaml b/.github/workflows/snyk-security.yaml
new file mode 100644
index 000000000..ba4af2dc9
--- /dev/null
+++ b/.github/workflows/snyk-security.yaml
@@ -0,0 +1,29 @@
+name: Snyk Security
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  snyk-scan:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Install Snyk CLI
+        run: npm install -g snyk
+
+      - name: Snyk Monitor and Test multiple projects
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+          SNYK_ORG: ${{ secrets.SNYK_ORG }}
+        run: |
+          echo "Fetching tags"
+          git fetch origin 'refs/tags/*:refs/tags/*'
+
+          echo "Authenticating with Snyk"
+          snyk auth ${SNYK_TOKEN}
+
+          echo "Scanning project: codeflare-sdk/main"
+          snyk monitor --all-projects --exclude=requirements.txt --org=${SNYK_ORG} --target-reference="main"