diff --git a/Jenkinsfile b/Jenkinsfile
index 1fc467b125fe484ac84d66018e84e0479d749e00..dbce568b724ca8e62e1c8086bfc29875e046c666 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -184,22 +184,21 @@ pipeline {
             }
         }
 
-        stage ('OWASP Dependency-Check Vulnerabilities') {
+        stage ('Deploy SBOM to DependencyTrack') {
             steps {
-                dependencyCheck additionalArguments: ''' 
-                    -o "./" 
-                    -s "./"
-                    -f "ALL" 
-                    -d /dependency-check-data
-                    --suppression dependency-check-supressions.xml
-                    --disableKnownExploited
-                    --noupdate
-                    --disableArchive
-                    --prettyPrint''', odcInstallation: 'dependency-check-owasp'
-
-                dependencyCheckPublisher( 
-                    pattern: 'dependency-check-report.xml'
-                )           
+              script {
+                IMAGE_TAG = generateImageTag()
+
+                configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) {
+                    withCredentials([string(credentialsId: 'dependency-track-api-key', variable: 'API_KEY')]) {
+
+                        dir('vorgang-manager-server') {
+                            catchError(buildResult: 'UNSTABLE', stageResult: 'FAILURE') {
+                                sh "mvn  --no-transfer-progress -s $MAVEN_SETTINGS io.github.pmckeown:dependency-track-maven-plugin:upload-bom -Ddependency-track.apiKey=$API_KEY -Ddependency-track.projectVersion=${IMAGE_TAG} -Ddependency-track.dependencyTrackBaseUrl=https://dependency-track.ozg-sh.de"
+                            }
+                        }
+                    }
+                }
             }
         }
     }
diff --git a/pom.xml b/pom.xml
index e912ec06599e740425c2343d82f2087b8665689b..40f23260f7a3b3bd5e1298d07272dfe64842ae0d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -43,6 +43,10 @@
 		<!-- plugin -->
 		<license-maven-plugin.version>4.1</license-maven-plugin.version>
 		<ozgcloud-license.version>1.6.0</ozgcloud-license.version>
+
+		<dependency-track-maven-plugin.version>1.7.0</dependency-track-maven-plugin.version>
+		<cyclonedx-maven-plugin.version>2.7.11</cyclonedx-maven-plugin.version>
+
 	</properties>
 
 	<dependencies>
@@ -229,8 +233,35 @@
 						</dependency>
 					</dependencies>
 				</plugin>
+
+				<plugin>
+					<groupId>io.github.pmckeown</groupId>
+					<artifactId>dependency-track-maven-plugin</artifactId>
+					<version>${dependency-track-maven-plugin.version}</version>
+					<configuration>
+						<dependencyTrackBaseUrl>https://dependency-track.ozg-sh.de</dependencyTrackBaseUrl>
+						<failOnError>true</failOnError>
+						<createProject>true</createProject>
+					</configuration>
+				</plugin>
 			</plugins>
 		</pluginManagement>
+
+		<plugins>
+			<plugin>
+				<groupId>org.cyclonedx</groupId>
+				<artifactId>cyclonedx-maven-plugin</artifactId>
+				<version>${cyclonedx-maven-plugin.version}</version>
+				<executions>
+					<execution>
+						<phase>package</phase>
+						<goals>
+							<goal>makeAggregateBom</goal>
+						</goals>
+					</execution>
+				</executions>
+			</plugin>
+		</plugins>
 	</build>
 
 	<distributionManagement>