diff --git a/.github/workflows/cleanup-untagged-images.yml b/.github/workflows/cleanup-untagged-images.yml
new file mode 100644
index 0000000..37dd0be
--- /dev/null
+++ b/.github/workflows/cleanup-untagged-images.yml
@@ -0,0 +1,20 @@
+name: Cleanup untagged images
+
+on:
+ schedule:
+ - cron: "0 0 * * *"
+
+jobs:
+ clean:
+ name: Delete untagged images
+ runs-on: ubuntu-latest
+ permissions:
+ packages: write
+ steps:
+ - uses: snok/container-retention-policy@4f22ef80902ad409ed55a99dc5133cc1250a0d03 # v3.0.0
+ with:
+ account: ${{ github.repository_owner }}
+ token: ${{ secrets.GITHUB_TOKEN }}
+ image-names: ${{ github.event.repository.name }}
+ tag-selection: "untagged"
+ cut-off: "1d"
diff --git a/.github/workflows/deploy_dev.yml b/.github/workflows/deploy_dev.yml
index d3fa269..b8fd57e 100644
--- a/.github/workflows/deploy_dev.yml
+++ b/.github/workflows/deploy_dev.yml
@@ -6,7 +6,7 @@ on:
 jobs:
 gitlab-dev-deploy:
 if: ${{ github.event.registry_package.package_version.container_metadata.tag.name == 'development' }}
- uses: epam/ai-dial-ci/.github/workflows/deploy-development.yml@1.7.0
+ uses: epam/ai-dial-ci/.github/workflows/deploy-development.yml@1.10.2
 with:
 gitlab-project-id: "1829"
 gitlab-project-ref: "master"
diff --git a/.github/workflows/pr-title-check.yml b/.github/workflows/pr-title-check.yml
index 495a191..b9e3daf 100644
--- a/.github/workflows/pr-title-check.yml
+++ b/.github/workflows/pr-title-check.yml
@@ -9,6 +9,6 @@ on:
 jobs:
 pr-title-check:
- uses: epam/ai-dial-ci/.github/workflows/pr-title-check.yml@1.7.0
+ uses: epam/ai-dial-ci/.github/workflows/pr-title-check.yml@1.10.2
 secrets:
 ACTIONS_BOT_TOKEN: ${{ secrets.ACTIONS_BOT_TOKEN }}
diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml
index 2692edb..468fe00 100644
--- a/.github/workflows/pr.yml
+++ b/.github/workflows/pr.yml
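Review bot: `image-names: ${{ github.event.repository.name }}` in the new cleanup-untagged-images.yml is evaluated in a workflow whose only trigger is `schedule`, and the event payload of a scheduled run may not carry a `repository` object, in which case the expression renders empty and the job either fails or cleans nothing. Because the job runs unattended with `packages: write` and deletes package versions, the target is better stated explicitly, e.g. `image-names: "<image-name>"` (placeholder), or derived from `github.repository`, which is set for every trigger. I would also add `workflow_dispatch:` under `on:` and do a first run with `dry-run: true`, so the selection made by `tag-selection: "untagged"` and `cut-off: "1d"` can be checked before the nightly deletion goes live.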
@@ -6,5 +6,5 @@ on:
 jobs:
 run_tests:
- uses: epam/ai-dial-ci/.github/workflows/python_docker_pr.yml@1.7.0
+ uses: epam/ai-dial-ci/.github/workflows/python_docker_pr.yml@1.10.2
 secrets: inherit
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 96625d2..ca3b29b 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -6,5 +6,5 @@ on:
 jobs:
 release:
- uses: epam/ai-dial-ci/.github/workflows/python_docker_release.yml@1.7.0
+ uses: epam/ai-dial-ci/.github/workflows/python_docker_release.yml@1.10.2
 secrets: inherit
diff --git a/trivy.yaml b/trivy.yaml
new file mode 100644
index 0000000..f595cea
--- /dev/null
+++ b/trivy.yaml
@@ -0,0 +1,13 @@
+# Trivy configuration file
+# https://aquasecurity.github.io/trivy/latest/docs/references/configuration/config-file/
+# Can be deleted after public ecr mirror will be added by default
+db:
+ no-progress: true
+ repository:
+ - ghcr.io/aquasecurity/trivy-db:2
+ - public.ecr.aws/aquasecurity/trivy-db:2
+ java-repository:
+ - ghcr.io/aquasecurity/trivy-java-db:1
+ - public.ecr.aws/aquasecurity/trivy-java-db:1
+misconfiguration:
+ checks-bundle-repository: public.ecr.aws/aquasecurity/trivy-checks
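Review bot: `checks-bundle-repository: public.ecr.aws/aquasecurity/trivy-checks` in trivy.yaml carries no tag, while the four database entries above it are pinned to a major tag (`:2`, `:1`). The checks bundle is policy code that the scanner pulls and evaluates, so the version an untagged reference resolves to should be explicit rather than left to the client's default. Confirm what the Trivy version used in CI does with it and pin it the same way, e.g. `checks-bundle-repository: public.ecr.aws/aquasecurity/trivy-checks:<major>` (placeholder). The header comment would also be more useful if it named the Trivy release or upstream issue after which this override can be removed.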