diff --git a/requirements.txt b/requirements.txt
index a8b1656..53f7d59 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -5,6 +5,6 @@ jsonschema==3.0.1
 openpyxl==2.5.4
 netaddr==0.7.19
 pyyaml==5.1
-requests==2.21.0
+requests==2.22.0
 
 git+https://opendev.org/airship/spyglass-plugin-xls.git#egg=spyglass-plugin-xls
diff --git a/test-requirements.txt b/test-requirements.txt
index b4a7d5e..81bb406 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -2,7 +2,8 @@
 yapf==0.27.0
 
 # Linting
-hacking>=1.1.0,<1.2.0 # Apache-2.0
+hacking>=1.1.0,<1.2.0  # Apache-2.0
 
 # Security
 bandit>=1.5.0
+safety>=1.8.5
diff --git a/tox.ini b/tox.ini
index 086b787..cc1f8a5 100644
--- a/tox.ini
+++ b/tox.ini
@@ -34,9 +34,17 @@ commands =
   yapf -dr {toxinidir}/spyglass {toxinidir}/setup.py
   flake8 {toxinidir}/spyglass
   bandit -r spyglass -n 5
+  safety check -r requirements.txt --bare
 whitelist_externals =
   bash
 
+[testenv:safety]
+deps =
+    safety
+commands =
+    safety check -r {toxinidir}/requirements.txt --full-report
+    safety check -r {toxinidir}/test-requirements.txt --full-report
+
 [testenv:bandit]
 deps =
     bandit