diff --git a/.bandit b/.bandit
deleted file mode 100644
index 75d550c..0000000
--- a/.bandit
+++ /dev/null
@@ -1 +0,0 @@
-skips: ['B101']
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index c222bcb..ae0f183 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -51,8 +51,13 @@ jobs:
         run: pip install -e .[all]
 
       - name: Style
+        if: !matrix.coverage
         run: flake8
 
+      - name: Bandit
+        if: !matrix.coverage
+        run: bandit -r metomi/isodatetime -c pyproject.toml
+
       - name: Run tests
         env:
           TZ: ${{ matrix.tz }}
diff --git a/pyproject.toml b/pyproject.toml
index 4aaaaf4..29d4477 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -82,7 +82,23 @@ test = [
     "pytest-cov",
     "pytest-xdist",
     "flake8",
+    "bandit",
 ]
 all = [
     "metomi-isodatetime[test]",
 ]
+
+
+[tool.pytest.ini_options]
+addopts = "-v -s -ra --color=auto --doctest-glob='*.md' -m 'not slow'"
+markers = [
+    "slow: mark a test as slow - it will be skipped by default (use '-m \"slow or not slow\"' to run all tests)"
+]
+testpaths = [
+    "metomi/isodatetime/tests",
+    "README.md",
+]
+
+
+[tool.bandit]
+exclude_dirs = ["metomi/isodatetime/tests"]
diff --git a/pytest.ini b/pytest.ini
deleted file mode 100644
index 3629552..0000000
--- a/pytest.ini
+++ /dev/null
@@ -1,28 +0,0 @@
-# Copyright (C) British Crown (Met Office) & Contributors.
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Lesser General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-[pytest]
-addopts =
-    -v
-    -s
-    -ra
-    --color=auto
-    --doctest-glob='*.md'
-    -m 'not slow'
-markers =
-    slow: mark a test as slow - it will be skipped by default (use '-m "slow or not slow"' to run all tests)
-testpaths =
-    metomi/isodatetime/tests
-    README.md