diff --git a/README.md b/README.md
index 93fa69c..7bd2e42 100644
--- a/README.md
+++ b/README.md
@@ -97,6 +97,12 @@ All rules included in this package **can be disabled or modified** in an `.edito
dotnet_diagnostic.CA2200.severity = none
````
+- Disable [NuGet auditing](https://learn.microsoft.com/en-us/nuget/concepts/auditing-packages?WT.mc_id=DT-MVP-5003978) for a specific package
+
+ ````xml
+
+ ````
+
> [!WARNING]
> Remember that this should be a temporary solution to help adopting the package
diff --git a/src/build/Workleap.DotNet.CodingStandards.props b/src/build/Workleap.DotNet.CodingStandards.props
index 39d0701..d5cbe4a 100644
--- a/src/build/Workleap.DotNet.CodingStandards.props
+++ b/src/build/Workleap.DotNet.CodingStandards.props
@@ -29,4 +29,23 @@
true
+
+
+
+
+ true
+
+
+ all
+
+
+ low
+
+ true
+
+
+
+ (WarningsAsErrors);NU1900;NU1901;NU1902;NU1903;NU1904
+
+
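Review bot: The Release-only value `(WarningsAsErrors);NU1900;NU1901;NU1902;NU1903;NU1904` has no leading `$`, so as it reads here MSBuild would treat `(WarningsAsErrors)` as literal text rather than expanding the existing property. If the file really contains this, any codes already promoted to errors (for example from a `Directory.Build.props`) are replaced instead of appended; the value should start with `$(WarningsAsErrors);`. The element tags are not visible on this page, so confirm against the file itself. Promoting NU1900 also means a Release build fails when the audit source cannot be reached; if that fail-closed behaviour is intended, the README should say so, so that an offline or mirrored feed does not prompt people to switch auditing off entirely.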
diff --git a/tests/Workleap.DotNet.CodingStandards.Tests/CodingStandardTests.cs b/tests/Workleap.DotNet.CodingStandards.Tests/CodingStandardTests.cs
index 9813269..d97cdd9 100644
--- a/tests/Workleap.DotNet.CodingStandards.Tests/CodingStandardTests.cs
+++ b/tests/Workleap.DotNet.CodingStandards.Tests/CodingStandardTests.cs
@@ -99,4 +99,57 @@ class Sample
Assert.False(data.HasError("IDE1006"));
Assert.False(data.HasWarning("IDE1006"));
}
+
+ [Fact]
+ public async Task ReportVulnerablePackage_Release_ShouldReportError()
+ {
+ using var project = new ProjectBuilder(fixture, testOutputHelper);
+ project.AddCsprojFile(packageReferences: new Dictionary { { "System.Text.Json", "8.0.1" } });
+ project.AddFile("sample.cs", """
+ Console.WriteLine();
+ """);
+ var data = await project.BuildAndGetOutput(["--configuration", "Release"]);
+ Assert.True(data.HasError("NU1903"));
+ }
+
+ [Fact]
+ public async Task ReportVulnerablePackage_Debug_ShouldReportWarning()
+ {
+ using var project = new ProjectBuilder(fixture, testOutputHelper);
+ project.AddCsprojFile(packageReferences: new Dictionary { { "System.Text.Json", "8.0.1" } });
+ project.AddFile("sample.cs", """
+ Console.WriteLine();
+ """);
+ var data = await project.BuildAndGetOutput(["--configuration", "Debug"]);
+ Assert.False(data.HasError("NU1903"));
+ Assert.True(data.HasWarning("NU1903"));
+ }
+ [Fact]
+ public async Task ReportVulnerablePackage_DisabledWarningOnPackage()
+ {
+ using var project = new ProjectBuilder(fixture, testOutputHelper);
+ project.AddFile("test.csproj", $"""
+
+
+ exe
+ net$(NETCoreAppMaximumVersion)
+ enable
+ enable
+ {ProjectBuilder.SarifFileName},version=2.1
+
+
+
+
+
+
+
+ """);
+
+ project.AddFile("sample.cs", """
+ Console.WriteLine();
+ """);
+ var data = await project.BuildAndGetOutput(["--configuration", "Release"]);
+ Assert.False(data.HasError("NU1903"));
+ Assert.False(data.HasWarning("NU1903"));
+ }
}
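Review bot: The two negative assertions at the end of `ReportVulnerablePackage_DisabledWarningOnPackage` also pass if the audit never ran, for example when restore could not fetch vulnerability data, so the test can go green without proving the per-package suppression works. Add a guard such as `Assert.False(data.HasWarning("NU1900"));` and `Assert.False(data.HasError("NU1900"));`, or assert on a second, unsuppressed vulnerable package in the same project as a positive control. All three tests depend on the live advisory feed continuing to report `System.Text.Json` 8.0.1 at the severity that yields NU1903, so a short comment naming that assumption would help whoever debugs a future failure. A blank line is also missing before the third `[Fact]`.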
diff --git a/tests/Workleap.DotNet.CodingStandards.Tests/Helpers/ProjectBuilder.cs b/tests/Workleap.DotNet.CodingStandards.Tests/Helpers/ProjectBuilder.cs
index d4c6b84..0b2bc34 100644
--- a/tests/Workleap.DotNet.CodingStandards.Tests/Helpers/ProjectBuilder.cs
+++ b/tests/Workleap.DotNet.CodingStandards.Tests/Helpers/ProjectBuilder.cs
@@ -8,7 +8,7 @@ namespace Workleap.DotNet.CodingStandards.Tests.Helpers;
internal sealed class ProjectBuilder : IDisposable
{
- private const string SarifFileName = "BuildOutput.sarif";
+ public const string SarifFileName = "BuildOutput.sarif";
private readonly TemporaryDirectory _directory;
private readonly ITestOutputHelper _testOutputHelper;