diff --git a/.github/workflows/blackduck.yml b/.github/workflows/blackduck.yml
new file mode 100644
index 000000000..08c8d2af1
--- /dev/null
+++ b/.github/workflows/blackduck.yml
@@ -0,0 +1,58 @@
+name: Black Duck Security Scan
+
+on:
+ pull_request: {}
+ push:
+ branches:
+ - main
+ - master
+ schedule:
+ # Run weekly on Sundays at 2 AM UTC
+ - cron: '0 2 * * 0'
+
+permissions:
+ contents: read
+ packages: read
+
+jobs:
+ blackduck-scan:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Test Black Duck Connection
+ run: |
+ echo "Testing connection to Black Duck server..."
+ curl -I "${{ secrets.BLACKDUCK_URL }}" || echo "Connection test failed"
+
+ - name: Run Black Duck Detect
+ run: |
+ # Download and run Black Duck Detect
+ curl -O https://detect.blackduck.com/detect9.sh
+ chmod +x detect9.sh
+
+ # Add debug logging
+ ./detect9.sh \
+ --blackduck.url=${{ secrets.BLACKDUCK_URL }} \
+ --blackduck.api.token=${{ secrets.BLACKDUCK_TOKEN }} \
+ --detect.project.name=${{ github.repository }} \
+ --detect.project.version.name=${{ github.ref_name }} \
+ --detect.source.path=.\
+ --detect.code.location.name="${{ github.repository }}-${{ github.ref_name }}" \
+ --detect.policy.check.fail.on.severities=BLOCKER,CRITICAL \
+ --detect.cleanup=false \
+ --logging.level.detect=DEBUG \
+ --blackduck.trust.cert=true \
+ --detect.excluded.directories=node_modules,target,build,dist,.git \
+ --detect.detector.search.depth=99
+
+ - name: Upload Black Duck results
+ uses: actions/upload-artifact@v4
+ if: always()
+ with:
+ name: blackduck-results
+ path: |
+ .synopsys/
+ blackduck-output/
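Review bot: The `${{ secrets.BLACKDUCK_URL }}`, `${{ secrets.BLACKDUCK_TOKEN }}` and `${{ github.ref_name }}` expressions inside the two `run:` steps are substituted into the script text before the shell parses it, so the unquoted values break on whitespace and any shell metacharacters in a ref name alter the command; the usual fix is to pass them through `env:` and reference the variables quoted, as sketched below. `--logging.level.detect=DEBUG` together with `--detect.cleanup=false` leaves verbose Detect output under `.synopsys/`, which the final step uploads as an artifact on every run (`if: always()`), so confirm that the debug log does not echo the API token or server URL before shipping it, or drop DEBUG once the integration is stable. `--blackduck.trust.cert=true` turns off TLS certificate verification on the very connection that carries the API token; if the server uses a private CA, installing that CA on the runner is the safer option, and if the flag must stay, a comment such as `# trust.cert: server uses an internal CA not present on the runner — remove once the CA is installed` should record why. The `curl -O https://detect.blackduck.com/detect9.sh` download is executed unpinned and unverified; pinning a Detect version (or its published checksum) would make the scan reproducible and easier to audit.
```yaml
      - name: Run Black Duck Detect
        env:
          BLACKDUCK_URL: ${{ secrets.BLACKDUCK_URL }}
          BLACKDUCK_TOKEN: ${{ secrets.BLACKDUCK_TOKEN }}
        run: |
          # … unchanged: download of detect9.sh …
          ./detect9.sh \
            --blackduck.url="$BLACKDUCK_URL" \
            --blackduck.api.token="$BLACKDUCK_TOKEN" \
            --detect.project.name="$GITHUB_REPOSITORY" \
            --detect.project.version.name="$GITHUB_REF_NAME" \
            --detect.source.path=. \
            --detect.code.location.name="$GITHUB_REPOSITORY-$GITHUB_REF_NAME" \
          # … unchanged: remaining detect flags …
```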