diff --git a/.config/spotbugs-excludes.xml b/.config/spotbugs-excludes.xml
deleted file mode 100644
index ff2379382f..0000000000
--- a/.config/spotbugs-excludes.xml
+++ /dev/null
@@ -1,81 +0,0 @@
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 187d7134c0..50db74f1e7 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -93,4 +93,4 @@ jobs:
 mvn clean package --batch-mode -DskipTests
 - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v2
+ uses: github/codeql-action/analyze@v3
diff --git a/.github/workflows/spotbugs.yml b/.github/workflows/spotbugs.yml
deleted file mode 100644
index f0ac07b902..0000000000
--- a/.github/workflows/spotbugs.yml
+++ /dev/null
@@ -1,48 +0,0 @@
-name: "Spotbugs bug detection"
-
-on:
- push:
- branches: main
- paths-ignore:
- - '**/*.md'
- - '**/*.txt'
- pull_request:
- branches: main
- paths-ignore:
- - '**/*.md'
- - '**/*.txt'
- - 'charts/**'
- - '.config/**'
- - 'docs/**'
- - 'local/**'
- - 'README.md'
- - 'CHANGELOG.md'
- schedule:
- - cron: '0 0 * * *' # Once a day
-
-jobs:
- analyze:
- runs-on: ubuntu-latest
- permissions:
- actions: read
- contents: read
-
- name: spotbugs-check
- steps:
- - uses: actions/checkout@v4
-
- - name: Set up JDK 17
- uses: actions/setup-java@v4
- with:
- java-version: '17'
- distribution: 'temurin'
-
- - name: Cache maven packages
- uses: actions/cache@v3
- with:
- path: ~/.m2
- key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
- restore-keys: ${{ runner.os }}-m2
-
- - name: run maven spotbugs plugin
- run: mvn clean package -DskipTests=true spotbugs:check
\ No newline at end of file
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
deleted file mode 100644
index 0dafa7fea6..0000000000
--- a/.github/workflows/trivy.yml
+++ /dev/null
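Review bot: The `init` step of this CodeQL job sits above line 93, outside the hunk, and is not bumped together with `uses: github/codeql-action/analyze@v3`; the codeql-action maintainers document that `init`, `autobuild` and `analyze` in one job must come from the same major version, so if `init` is still on `@v2` the job will most likely fail at the analyze step instead of uploading results. Change it in the same commit, `uses: github/codeql-action/init@v3`, and consider pinning both to a commit SHA rather than a floating major tag, since this job has write access to the Security tab. This matters more than usual here because the same commit deletes `spotbugs.yml`, `trivy.yml` and `veracode.yaml`, leaving this CodeQL job as the only static or config scanner in CI; a silently broken job means no SAST coverage at all. If the three removals are intentional, a CHANGELOG entry or replacement workflow should state where container/config scanning and the Veracode upload now happen.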
@@ -1,50 +0,0 @@
-# Depending on the location of your Docker container
-# you need to change the path to the specific Docker registry.
-#
-name: "Trivy vulnerability scanner"
-
-on:
- workflow_dispatch: # Trigger manually
- push:
- branches: main
- paths-ignore:
- - '**/*.md'
- - '**/*.txt'
- pull_request:
- branches: main
- paths-ignore:
- - '**/*.md'
- - '**/*.txt'
- schedule:
- - cron: '0 0 * * *' # Once a day
-
-jobs:
- analyze-config:
- runs-on: ubuntu-latest
- permissions:
- actions: read
- contents: read
- security-events: write
-
- steps:
- - name: Checkout repository
- uses: actions/checkout@v4
-
- - name: Run Trivy vulnerability scanner in repo mode
- uses: aquasecurity/trivy-action@master
- with:
- scan-type: "config"
- ignore-unfixed: true
- exit-code: "1"
- hide-progress: false
- format: "sarif"
- output: "trivy-results1.sarif"
- severity: "CRITICAL,HIGH"
- # full-irs is a demonstration and not intended to run in a production environment, it can be excluded
- skip-dirs: "charts/connector/aasregistry,charts/connector/daps,charts/connector/edc-provider,charts/connector/submodelservers,charts/irs-environments/local,local/deployment/full-irs" # skip scanning external images.
-
- - name: Upload Trivy scan results to GitHub Security tab
- uses: github/codeql-action/upload-sarif@v2
- if: always()
- with:
- sarif_file: "trivy-results1.sarif"
\ No newline at end of file
diff --git a/.github/workflows/veracode.yaml b/.github/workflows/veracode.yaml
deleted file mode 100644
index e8b3d77a01..0000000000
--- a/.github/workflows/veracode.yaml
+++ /dev/null
@@ -1,49 +0,0 @@
-name: Veracode SAST test
-on:
- workflow_dispatch: # Trigger manually
- schedule:
- - cron: '0 0 * * *' # Once a day
-
-jobs:
- static_analysis:
- name: Static Analysis
- runs-on: ubuntu-latest
-
- steps:
- - uses: actions/checkout@v4
-
- - name: Set up JDK 17
- uses: actions/setup-java@v4
- with:
- java-version: '17'
- distribution: 'temurin'
-
- - name: Set up Maven
- uses: stCarolas/setup-maven@v4.5
- with:
- maven-version: 3.8.2
-
- - name: Cache maven packages
- uses: actions/cache@v3
- with:
- path: ~/.m2
- key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
- restore-keys: ${{ runner.os }}-m2
-
- - name: Build
- run: mvn package --batch-mode -DskipTests
-
- - uses: actions/upload-artifact@v3
- with:
- path: 'irs-api/target/*exec.jar'
-
- - name: Veracode Upload And Scan
- uses: veracode/veracode-uploadandscan-action@0.2.6
- with:
- appname: 'IRS'
- version: '${{ github.run_id }}'
- createprofile: false
- vid: '${{ secrets.VERACODE_API_ID || secrets.ORG_VERACODE_API_ID }}'
- vkey: '${{ secrets.VERACODE_API_KEY || secrets.ORG_VERACODE_API_KEY }}'
- filepath: 'irs-api/target/*exec.jar'
- deleteIncompleteScan: 2 #delete a scan of any status except Results Ready to proceed with the uploadandscan action. If errors occur when running this action, the Java wrapper automatically deletes the incomplete scan.