diff --git a/.gitlab/ci/reports.gitlab-ci.yml b/.gitlab/ci/reports.gitlab-ci.yml
index 9f371e0089292e528a997deef316d723185188af..f75aa44dd9404e5554268cfedc7fe30a6c4e7e1a 100644
--- a/.gitlab/ci/reports.gitlab-ci.yml
+++ b/.gitlab/ci/reports.gitlab-ci.yml
@@ -23,6 +23,14 @@ include:
 semgrep-sast:
 rules: !reference [".reports:rules:semgrep-sast", rules]
+gitlab-advanced-sast:
+ timeout: 3h
+ tags:
+ - saas-linux-2xlarge-amd64
+ rules: !reference [".reports:rules:gitlab-advanced-sast", rules]
+ variables:
+ SAST_SCANNER_ALLOWED_CLI_OPTS: --multi-core 8
+
 .secret-analyzer:
 extends: .default-retry
 stage: lint
diff --git a/.gitlab/ci/rules.gitlab-ci.yml b/.gitlab/ci/rules.gitlab-ci.yml
index 313390712e3f409eb781950d073f5621ffd1c53a..4eabfe34036f8b611a478e2a09c05919ea1f90f6 100644
--- a/.gitlab/ci/rules.gitlab-ci.yml
+++ b/.gitlab/ci/rules.gitlab-ci.yml
@@ -2824,14 +2824,31 @@
 when: never
 - <<: *if-default-refs
 changes:
- - '**/*.py'
+ - '**/*.c'
+ - '**/*.rb'
 - '**/*.js'
 - '**/*.jsx'
 - '**/*.ts'
 - '**/*.tsx'
- - '**/*.c'
+ - '**/*.cjs'
+ - '**/*.mjs'
+
+.reports:rules:gitlab-advanced-sast:
+ rules:
+ - <<: *if-merge-request-labels-pipeline-expedite
+ when: never
+ - if: $SAST_DISABLED
+ when: never
+ - if: $SAST_EXCLUDED_ANALYZERS =~ /gitlab-advanced-sast/
+ when: never
+ - <<: *if-default-refs
+ changes:
+ - '**/*.py'
 - '**/*.go'
 - '**/*.rb'
+ - '**/*.java'
+ - '**/*.jsp'
+ - '**/*.cs'
 .reports:rules:secret_detection:
 rules:
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index a209aed131b67880fb37bb3c62eab78223c66768..76d73f3aff30d89725d14083112d8df29453e362 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -2,6 +2,7 @@
 require 'gon'
+# Changing a *.rb file to trigger a scan
 class ApplicationController < BaseActionController
 use Gitlab::Middleware::ActionControllerStaticContext
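Review bot: In `.gitlab/ci/reports.gitlab-ci.yml`, the new `gitlab-advanced-sast` job hard-codes `--multi-core 8` next to the `saas-linux-2xlarge-amd64` tag and `timeout: 3h`, with nothing explaining how the three values relate. If the runner tag is changed later, the core count and timeout can silently become wrong for the new machine, and a scan that hits the timeout presumably leaves that pipeline without a SAST report. I would add a comment above `variables:` such as `# --multi-core is sized for the saas-linux-2xlarge-amd64 runner; revisit together with tags and timeout`, and confirm that a timed-out or failed scan is visible to reviewers rather than just absent. The job's remaining settings come from the included SAST template, which is outside this hunk.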
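Review bot: In `.gitlab/ci/rules.gitlab-ci.yml`, `'**/*.rb'` now appears both in the semgrep-sast `changes:` list and in the new `.reports:rules:gitlab-advanced-sast` list, so any Ruby change starts both scanners, while `'**/*.py'` and `'**/*.go'` now trigger only the new job. Because `changes:` decides only whether a job starts, not which files the analyzer reads, it is worth confirming that Python-only or Go-only merge requests do not lose rules that only semgrep-sast carries. A short comment above each list stating which analyzer owns which languages, for example `# Ruby is scanned by both analyzers until <condition>`, would make the overlap deliberate. The semgrep-sast rules block starts above this hunk.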
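Review bot: The added `# Changing a *.rb file to trigger a scan` line in `app/controllers/application_controller.rb` describes the commit rather than the code, and sitting directly above `class ApplicationController` it will be read as the class's documentation. The two comment lines added above `TestParseAuthBackend` in `workhorse/cmd/gitlab-workhorse/backend_test.go` have the same problem. If they are there only to match the new `changes:` globs while the pipeline is being tested, they should be dropped before merge.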
diff --git a/workhorse/cmd/gitlab-workhorse/backend_test.go b/workhorse/cmd/gitlab-workhorse/backend_test.go
index 8b62287fee4e68aff956f60ba1242cb7c0053191..cfd8f3ebc4e0af10fe60c457aaf9d1a86b3f6756 100644
--- a/workhorse/cmd/gitlab-workhorse/backend_test.go
+++ b/workhorse/cmd/gitlab-workhorse/backend_test.go
@@ -21,6 +21,8 @@ func TestParseAuthBackendFailure(t *testing.T) {
 }
 }
+// Changing a *.go file just to trigger a change!
+// New line of code to trigger scan
 func TestParseAuthBackend(t *testing.T) {
 successes := []struct{ input, host, scheme string }{
 {"http://localhost:8080", "localhost:8080", "http"},