diff --git a/.gitignore b/.gitignore
index 66abe8f..e740577 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,3 +5,4 @@ __pycache__
 .DS_Store
 .tox
 poetry.lock
+.coverage
diff --git a/pyproject.toml b/pyproject.toml
index c8a553a..7920672 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -27,6 +27,7 @@ django-filter = {version = "^24.1", optional = true}
 drf-spectacular = {version="^0.27.1", optional = true}
 drf-spectacular-sidecar = {version="^2024.1.1", optional = true}
 python-keycloak = {version = "^3.2.0", optional = true}
+setuptools = "^69.2.0" # Setuptools is a dependency of django-countries. See https://github.com/SmileyChris/django-countries/issues/442 for details.
 
 [tool.poetry.extras]
 api = ["djangorestframework", "django-filter", "drf-spectacular", "drf-spectacular-sidecar"]
@@ -41,9 +42,11 @@ mypy = "^1.2.0"
 types-python-dateutil = "^2.8.19.12"
 django-stubs = {extras = ["compatible-mypy"], version = "^4.2.0"}
 pylint-django = "^2.5.5"
+bandit = "^1.7.8"
 
 [tool.poetry.group.test.dependencies]
 django-oauth-toolkit = "^1.7.0"
+coverage = "^7.4.4"
 
 [tool.black]
 line-length = 100
@@ -69,6 +72,18 @@ load-plugins = 'pylint_django'
 [tool.pylint.'MESSAGES CONTROL']
 disable = ['too-few-public-methods', 'missing-class-docstring']
 
+[tool.coverage.run]
+branch = true
+include = [
+    "jasmin_services/*",
+    ]
+
+[tool.coverage.report]
+show_missing = true
+skip_empty = true
+skip_covered = true
+fail_under = 40
+
 [build-system]
 requires = ["poetry-core>=1.0.0", "setuptools>=59.6.0"]
 build-backend = "poetry.core.masonry.api"
diff --git a/tox.ini b/tox.ini
index 0069232..f40b4e0 100644
--- a/tox.ini
+++ b/tox.ini
@@ -5,7 +5,7 @@ envlist = py310,py311,py312
 [gh]
 python =
     3.10 = py310
-    3.11 = py311
+    3.11 = py311,black,bandit,coverage
     3.12 = py312
 
 [testenv]
@@ -13,7 +13,7 @@ skip_install = true
 setenv =
     DJANGO_SETTINGS_MODULE=tests.settings
     PYTHONPATH=$TOX_WORK_DIR/..
-    PYTHONWARNINGS=always
+#PYTHONWARNINGS=always
 allowlist_externals =
     poetry
 commands_pre =
@@ -22,9 +22,19 @@ commands =
     django-admin check
     django-admin test --parallel {posargs}
 
+[testenv:coverage]
+commands =
+    coverage erase
+    coverage run -m django test
+    coverage report
+
 [testenv:black]
-docker=
-skip_install=True
 commands_pre=
     poetry install --sync --only=dev --all-extras
 commands = black --check --fast .
+
+[testenv:bandit]
+commands_pre=
+    poetry install --sync --only=dev --all-extras
+commands =
+    bandit -c pyproject.toml -r --severity-level high jasmin_services