diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 0dc547a4feba4..7c68e54681b96 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -48,6 +48,7 @@ fixes, documentation, examples... But first, read this page (including the small * [Extensions](#extensions) + [Descriptions](#descriptions) + [Update dependencies to extensions](#update-dependencies-to-extensions) + + [Run dependency check](#run-dependency-check) * [The small print](#the-small-print) * [Frequently Asked Questions](#frequently-asked-questions) @@ -694,6 +695,10 @@ were changed by the script. When removing an extension make sure to also remove all dependencies to it from all `pom.xml`. It's easy to miss this as long as the extension artifact is still present in your local Maven repository. +### Run dependency check + +When adding a new extension or updating the existing one it is recommended to run [OWASP Dependency Check](https://jeremylong.github.io/DependencyCheck) with `mvn -Pdependency-check` so that known security vulnerabilities can be detected early. + ## The small print This project is an open source project, please act responsibly, be nice, polite and enjoy! diff --git a/build-parent/pom.xml b/build-parent/pom.xml index 2ff4c7496a5d0..3a90a55cb4533 100644 --- a/build-parent/pom.xml +++ b/build-parent/pom.xml @@ -172,6 +172,7 @@ 1.1.1 + 7.4.3 @@ -719,6 +720,18 @@ + + org.owasp + dependency-check-maven + ${owasp-dependency-check-plugin.version} + + + + check + + + + @@ -1235,7 +1248,17 @@ - + + dependency-check + + + dependency-check + + + + dependency-check:check + + Windows diff --git a/docs/src/main/asciidoc/security-overview-concept.adoc b/docs/src/main/asciidoc/security-overview-concept.adoc index 2af860fe09c56..e16ec5e6534e6 100644 --- a/docs/src/main/asciidoc/security-overview-concept.adoc +++ b/docs/src/main/asciidoc/security-overview-concept.adoc 
@@ -344,7 +344,7 @@ To add the OWASP Dependency check plugin to your Quarkus Maven project, add the [IMPORTANT] ==== -Set the `owasp-dependency-check-plugin.version` value to `7.1.1` or later. +Set the `owasp-dependency-check-plugin.version` value to `7.4.3` or later. ==== Next, configure the plugin as follows:
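Review bot: In the CONTRIBUTING.md "Run dependency check" hunk, "updating the existing one" should read "updating an existing one", and the sentence would be more useful if it said what `mvn -Pdependency-check` needs to succeed: OWASP Dependency Check downloads and caches the NVD vulnerability data on first run, so the command requires network access and can take several minutes the first time. Suggested wording: "When adding a new extension or updating an existing one, run [OWASP Dependency Check](...) with `mvn -Pdependency-check` (the first run downloads the NVD database and takes a while) so that known vulnerabilities are detected early."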
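Review bot: In the build-parent/pom.xml pluginManagement hunk, the `dependency-check-maven` entry only declares the `check` goal and no `failBuildOnCVSS` configuration, so with the plugin's default (11, i.e. never fail) a scan that finds vulnerable dependencies still ends in BUILD SUCCESS and is easy to overlook. If the intent is to surface findings, either set `failBuildOnCVSS` to a threshold the project agrees on or state in CONTRIBUTING.md that contributors must read the generated report rather than rely on the build result.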
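Review bot: In the build-parent/pom.xml profiles hunk, the `dependency-check` profile runs the scan only through its default goal `dependency-check:check`, so `mvn -Pdependency-check` as documented works, but invoking the profile together with an explicit goal (for example `mvn -Pdependency-check install`) would skip the scan because a default goal is ignored once goals are given on the command line. Worth a one-line comment next to the profile, or a note in CONTRIBUTING.md, so the documented invocation is not changed by accident.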
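Review bot: The security-overview-concept.adoc hunk bumps the documented minimum to `7.4.3`, which matches the `owasp-dependency-check-plugin.version` property added in build-parent/pom.xml; keeping these two values in sync should be part of the checklist whenever the property is raised again, otherwise the doc and the build drift apart.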