diff --git a/.github/workflows/zap-web.yml b/.github/workflows/zap-web.yml
new file mode 100644
index 0000000..473b4b7
--- /dev/null
+++ b/.github/workflows/zap-web.yml
@@ -0,0 +1,18 @@
+name: "ZAPWEB"
+on:
+    push:
+      branches: [ main ]
+    pull_request:
+      # The branches below must be a subset of the branches above
+      branches: [ main ]
+    schedule:
+      - cron: '36 0 * * 1'
+jobs:
+    zap_scan:
+      runs-on: ubuntu-latest
+      name: Scan the webapplication
+      steps:
+        - name: ZAP Scan
+          uses: zaproxy/action-baseline@v0.10.0
+          with:
+            target: 'https://localhost:4200'
\ No newline at end of file