diff --git a/Dockerfile b/Dockerfile
index 0dbe63ece0..d3724e99b2 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -9,6 +9,9 @@ ENV POWERSHELL_VERSION=${POWERSHELL_VERSION}
 ARG TRIVY_VERSION=0.69.2
 ENV TRIVY_VERSION=${TRIVY_VERSION}
+ARG ZIZMOR_VERSION=1.23.1
+ENV ZIZMOR_VERSION=${ZIZMOR_VERSION}
+
 # hadolint ignore=DL3008
 RUN apt-get update && apt-get install -y --no-install-recommends \
 wget libicu72 libunwind8 libssl3 libcurl4 ca-certificates apt-transport-https gnupg \
@@ -48,6 +51,21 @@ RUN ARCH=$(uname -m) && \
 mkdir -p /tmp/.cache/trivy && \
 chmod 777 /tmp/.cache/trivy
+# Install zizmor for GitHub Actions workflow scanning
+RUN ARCH=$(uname -m) && \
+ if [ "$ARCH" = "x86_64" ]; then \
+ ZIZMOR_ARCH="x86_64-unknown-linux-gnu" ; \
+ elif [ "$ARCH" = "aarch64" ]; then \
+ ZIZMOR_ARCH="aarch64-unknown-linux-gnu" ; \
+ else \
+ echo "Unsupported architecture for zizmor: $ARCH" && exit 1 ; \
+ fi && \
+ wget --progress=dot:giga "https://github.com/zizmorcore/zizmor/releases/download/v${ZIZMOR_VERSION}/zizmor-${ZIZMOR_ARCH}.tar.gz" -O /tmp/zizmor.tar.gz && \
+ tar zxf /tmp/zizmor.tar.gz -C /tmp && \
+ mv /tmp/zizmor /usr/local/bin/zizmor && \
+ chmod +x /usr/local/bin/zizmor && \
+ rm /tmp/zizmor.tar.gz
+
 # Add prowler user
 RUN addgroup --gid 1000 prowler && \
 adduser --uid 1000 --gid 1000 --disabled-password --gecos "" prowler
diff --git a/api/Dockerfile b/api/Dockerfile
index ffa12c6f88..a4bd15adf2 100644
--- a/api/Dockerfile
+++ b/api/Dockerfile
@@ -8,6 +8,9 @@ ENV POWERSHELL_VERSION=${POWERSHELL_VERSION}
 ARG TRIVY_VERSION=0.69.2
 ENV TRIVY_VERSION=${TRIVY_VERSION}
+ARG ZIZMOR_VERSION=1.23.1
+ENV ZIZMOR_VERSION=${ZIZMOR_VERSION}
+
 # hadolint ignore=DL3008
 RUN apt-get update && apt-get install -y --no-install-recommends \
 wget \
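Review bot: The zizmor tarball fetched by the `wget` line in the second Dockerfile hunk is extracted and moved into `/usr/local/bin` with no integrity check, so the build trusts whatever the release URL serves at build time; `ZIZMOR_VERSION` pins a version string, not a digest. Carry the expected SHA-256 for each supported architecture in build ARGs next to the version and verify the download with `sha256sum -c` before the `tar` step, as in the excerpt below (the digest values are placeholders to be filled in from the upstream release). The same install block is repeated verbatim in the api/Dockerfile hunk that follows and needs the identical change; keeping the two copies in sync by hand is the kind of drift a shared snippet would avoid. The `mv /tmp/zizmor` step also assumes the archive unpacks to a top-level binary named `zizmor` — worth confirming against the release layout, since `tar zxf ... -C /tmp` would otherwise succeed and the failure would surface only at `mv`.
```dockerfile
ARG ZIZMOR_SHA256_X86_64=<placeholder: sha256 of zizmor-x86_64-unknown-linux-gnu.tar.gz for v${ZIZMOR_VERSION}>
ARG ZIZMOR_SHA256_AARCH64=<placeholder: sha256 of zizmor-aarch64-unknown-linux-gnu.tar.gz for v${ZIZMOR_VERSION}>
RUN ARCH=$(uname -m) && \
    if [ "$ARCH" = "x86_64" ]; then \
        ZIZMOR_ARCH="x86_64-unknown-linux-gnu" ; ZIZMOR_SHA256="$ZIZMOR_SHA256_X86_64" ; \
    elif [ "$ARCH" = "aarch64" ]; then \
        ZIZMOR_ARCH="aarch64-unknown-linux-gnu" ; ZIZMOR_SHA256="$ZIZMOR_SHA256_AARCH64" ; \
    else \
        echo "Unsupported architecture for zizmor: $ARCH" && exit 1 ; \
    fi && \
    wget --progress=dot:giga "https://github.com/zizmorcore/zizmor/releases/download/v${ZIZMOR_VERSION}/zizmor-${ZIZMOR_ARCH}.tar.gz" -O /tmp/zizmor.tar.gz && \
    echo "${ZIZMOR_SHA256}  /tmp/zizmor.tar.gz" | sha256sum -c - && \
# … unchanged: tar, mv, chmod, rm …
```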
@@ -57,6 +60,21 @@ RUN ARCH=$(uname -m) && \
 mkdir -p /tmp/.cache/trivy && \
 chmod 777 /tmp/.cache/trivy
+# Install zizmor for GitHub Actions workflow scanning
+RUN ARCH=$(uname -m) && \
+ if [ "$ARCH" = "x86_64" ]; then \
+ ZIZMOR_ARCH="x86_64-unknown-linux-gnu" ; \
+ elif [ "$ARCH" = "aarch64" ]; then \
+ ZIZMOR_ARCH="aarch64-unknown-linux-gnu" ; \
+ else \
+ echo "Unsupported architecture for zizmor: $ARCH" && exit 1 ; \
+ fi && \
+ wget --progress=dot:giga "https://github.com/zizmorcore/zizmor/releases/download/v${ZIZMOR_VERSION}/zizmor-${ZIZMOR_ARCH}.tar.gz" -O /tmp/zizmor.tar.gz && \
+ tar zxf /tmp/zizmor.tar.gz -C /tmp && \
+ mv /tmp/zizmor /usr/local/bin/zizmor && \
+ chmod +x /usr/local/bin/zizmor && \
+ rm /tmp/zizmor.tar.gz
+
 # Add prowler user
 RUN addgroup --gid 1000 prowler && \
 adduser --uid 1000 --gid 1000 --disabled-password --gecos "" prowler
diff --git a/prowler/providers/github/services/githubactions/githubactions_workflow_security_scan/githubactions_workflow_security_scan.py b/prowler/providers/github/services/githubactions/githubactions_workflow_security_scan/githubactions_workflow_security_scan.py
index d0a7f96bbf..1fdcea029d 100644
--- a/prowler/providers/github/services/githubactions/githubactions_workflow_security_scan/githubactions_workflow_security_scan.py
+++ b/prowler/providers/github/services/githubactions/githubactions_workflow_security_scan/githubactions_workflow_security_scan.py
@@ -30,7 +30,7 @@ class githubactions_workflow_security_scan(Check):
 metadata_dict = {
 "Provider": "github",
 "CheckID": f.finding_id,
- "CheckTitle": f"GitHub Actions workflow {f.ident} detected by zizmor",
+ "CheckTitle": f"GitHub Actions workflow {f.ident}",
 "CheckType": [],
 "ServiceName": "githubactions",
 "SubServiceName": "",
diff --git a/tests/providers/github/services/githubactions/githubactions_workflow_security_scan/githubactions_workflow_security_scan_test.py b/tests/providers/github/services/githubactions/githubactions_workflow_security_scan/githubactions_workflow_security_scan_test.py
index 126135b828..e93a7649ee 100644
--- a/tests/providers/github/services/githubactions/githubactions_workflow_security_scan/githubactions_workflow_security_scan_test.py
+++ b/tests/providers/github/services/githubactions/githubactions_workflow_security_scan/githubactions_workflow_security_scan_test.py
@@ -178,7 +178,7 @@ class Test_githubactions_workflow_security_scan:
 )
 assert (
 result[0].check_metadata.CheckTitle
- == "GitHub Actions workflow template-injection detected by zizmor"
+ == "GitHub Actions workflow template-injection"
 )
 assert result[0].check_metadata.Severity == "high"
 assert result[0].check_metadata.Risk == "Template Injection Vulnerability"