diff --git a/Jenkinsfile_nightly b/Jenkinsfile_nightly
index deaa54a7c..eb9f97523 100644
--- a/Jenkinsfile_nightly
+++ b/Jenkinsfile_nightly
@@ -63,8 +63,13 @@ withNightlyPipeline(type, product, component) {
     enableMutationTest()
     enableFullFunctionalTest()
     enableSecurityScan()
+    enableFortifyScan()
 
     after('fullFunctionalTest') {
         steps.archiveArtifacts allowEmptyArchive: true, artifacts: '**/site/serenity/**/*'
     }
+
+    after('fortify-scan') {
+      steps.archiveArtifacts allowEmptyArchive: true, artifacts: '**/Fortify Scan/**/*'
+    }
 }
diff --git a/build.gradle b/build.gradle
index faf4e78ff..36f315f2d 100644
--- a/build.gradle
+++ b/build.gradle
@@ -200,6 +200,12 @@ task migratePostgresDatabase(type: org.flywaydb.gradle.task.FlywayMigrateTask) {
     }
 }
 
+task fortifyScan(type: JavaExec)  {
+  main = "uk.gov.hmcts.fortifyclient.FortifyClientMainApp"
+  classpath += sourceSets.test.runtimeClasspath
+  jvmArgs = ['--add-opens=java.base/java.lang.reflect=ALL-UNNAMED']
+}
+
 jacoco {
     toolVersion = "0.8.5"
 }
@@ -341,6 +347,7 @@ dependencies {
     testCompile (group: 'net.serenity-bdd', name: 'serenity-junit', version: versions.serenity)
     testCompile (group: 'net.serenity-bdd', name: 'serenity-rest-assured', version: versions.serenity)
     testCompile (group: 'net.serenity-bdd', name: 'serenity-spring', version: versions.serenity)
+    testCompile 'com.github.hmcts:fortify-client:1.2.0:all'
 
     testImplementation group: 'org.springframework.boot', name: 'spring-boot-starter-test', version: versions.springBoot
 
diff --git a/config/fortify-client.properties b/config/fortify-client.properties
new file mode 100644
index 000000000..5042fb49e
--- /dev/null
+++ b/config/fortify-client.properties
@@ -0,0 +1 @@
+fortify.client.releaseId=57836
\ No newline at end of file