diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 38f6209..d632d76 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -9,7 +9,6 @@ on:
       - master
     paths-ignore:
       - 'README.md'
-  workflow_call:
 env:
   NVD_API_TOKEN: ${{ secrets.NVD_API_KEY }} # Token to access NVD API for dependency-check
@@ -34,5 +33,31 @@ jobs:
       - uses: actions/checkout@v3
       - name: Grant execute permission for gradlew
         run: chmod +x gradlew
-      - name: Scan dependencies
-        run: ./gradlew dependencyCheckAnalyze
+      - name: build
+        run: ./gradlew assemble
+      # the action has not been updated a while, but it always uses the latest plugin version
+      - name: Run DependencyCheck plugin
+        uses: dependency-check/Dependency-Check_Action@main
+        id: depcheck
+        continue-on-error: true # we still want to upload the report
+        with:
+          project: ${{ github.repository }}
+          path: '.'
+          format: 'HTML'
+          out: 'reports'
+          args: >
+            --failOnCVSS 6
+            --disableAssembly
+            --nvdApiKey ${{ secrets.NVD_API_KEY }}
+            --nvdApiDelay 10000
+      - name: Upload test results
+        uses: actions/upload-artifact@v3
+        with:
+          name: dependency-check-report-eum-server
+          path: ${{ github.workspace }}/reports
+      # if DependencyCheck failed, the job should also fail, but only after the results were uploaded
+      - name: Validate DependencyCheck outcome
+        if: ${{ steps.depcheck.outcome == 'failure' }}
+        run: |
+          echo "DependencyCheck failed"
+          exit 1
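Review bot: `uses: dependency-check/Dependency-Check_Action@main` tracks a mutable branch, so every run of this job executes whatever that repository's main contains at that moment; pin it to a full commit SHA and record the release in a comment, `uses: dependency-check/Dependency-Check_Action@<full-commit-sha> # <release-tag>`, and read the `# the action has not been updated a while` comment as a reason to review the pin periodically rather than to float it. The NVD key is handed to the scanner on its command line through `args: --nvdApiKey ${{ secrets.NVD_API_KEY }}`, where it is visible to any process listing on the runner for the duration of the scan, while the `NVD_API_TOKEN` job environment variable kept in the first hunk has no visible consumer once `./gradlew dependencyCheckAnalyze` is removed (it may still be read by `./gradlew assemble`, which this diff does not show); prefer an environment-based hand-off if the action supports one, and drop the env entry if nothing else reads it. `name: Upload test results` uploads a dependency-check report, not test results; rename it to `name: Upload DependencyCheck report` so the step list reads correctly. Removing `workflow_call:` from `on:` in the first hunk means any workflow that invoked this one as a reusable workflow will no longer resolve it; confirm there are no callers before merging.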