diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 89a1e182..60686904 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -4,12 +4,10 @@ stages:
   - deps
   - build
   - sast
+  - qa
   - image
+  - container_scanning
 
-before_script:
-  - export GOPATH="$CI_PROJECT_DIR/.go"
-  - mkdir -p .go
-  - mkdir -p deploy
 
 cache:
   paths:
@@ -20,16 +18,58 @@ cache:
 include:
   - '.gitlab-ci/build.yml'
   - '.gitlab-ci/image.yml'
+  - template: SAST.gitlab-ci.yml
+  - template: Security/License-Scanning.gitlab-ci.yml
+  - template: Security/Secret-Detection.gitlab-ci.yml
+  - template: Security/Container-Scanning.gitlab-ci.yml
+
+.scanners-matrix:
+  parallel:
+    matrix:
+      - IMAGE_NAME: [checker, admin, evdist, frontend-ui, nginx, dashboard, repochecker, qa, receiver]
+
+container_scanning:
+  stage: container_scanning
+  extends:
+    - .scanners-matrix
+  variables:
+    DOCKER_SERVICE: localhost
+    DOCKERFILE_PATH: Dockerfile-${IMAGE_NAME}
+    CI_APPLICATION_REPOSITORY: ${CI_REGISTRY_IMAGE}/${CI_COMMIT_REF_SLUG}/${IMAGE_NAME}
+    CI_APPLICATION_TAG: latest
+    GIT_STRATEGY: fetch
+  before_script:
+    - 'echo "Scanning: ${IMAGE_NAME}"'
+  rules:
+    - if: '$CI_COMMIT_BRANCH == "master"'
+
+sast:
+  stage: sast
+  interruptible: true
+  needs: []
+
+secret_detection:
+  stage: sast
+  interruptible: true
+  needs: []
+
+license_scanning:
+  stage: qa
+  interruptible: true
+  needs: []
 
 get-deps:
   stage: deps
   image: golang:alpine3.18
+  before_script:
+    - export GOPATH="$CI_PROJECT_DIR/.go"
+    - mkdir -p .go
   script:
     - apk --no-cache add git
     - go get -v -d srs.epita.fr/fic-server/admin
-    - go get -v -d srs.epita.fr/fic-server/backend
+    - go get -v -d srs.epita.fr/fic-server/checker
+    - go get -v -d srs.epita.fr/fic-server/receiver
     - go get -v -d srs.epita.fr/fic-server/evdist
-    - go get -v -d srs.epita.fr/fic-server/frontend
     - go get -v -d srs.epita.fr/fic-server/dashboard
     - go get -v -d srs.epita.fr/fic-server/repochecker
     - go get -v -d srs.epita.fr/fic-server/repochecker/epita
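Review bot: `CI_APPLICATION_TAG: latest` in the new container_scanning job scans whatever image currently carries the mutable `latest` tag, not necessarily the image this pipeline just pushed, so a finding can be attributed to the wrong commit when master pipelines overlap or when a push job fails while an older `latest` still exists; if the `.push` jobs also tag by commit (the kaniko destination is not in this diff — confirm), `CI_APPLICATION_TAG: ${CI_COMMIT_SHA}` pins the scan to the image that was actually built. `DOCKER_SERVICE` was a variable of the old dind-based Container-Scanning template and the current template does not appear to read it, so verify it still has an effect or drop it. The `Security/License-Scanning.gitlab-ci.yml` template and its `license_scanning` job are deprecated upstream and, as far as I recall, stopped producing results in GitLab 16.x, so check the instance version before relying on the `qa` stage for license results. The nine `IMAGE_NAME` entries do match the job names kept in image.yml after `frontend` was removed from both.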
@@ -45,6 +85,9 @@ vet:
   dependencies:
     - build-qa-ui
   image: golang:alpine3.18
+  before_script:
+    - export GOPATH="$CI_PROJECT_DIR/.go"
+    - mkdir -p .go
   script:
     - apk --no-cache add build-base
     - go vet -v -buildvcs=false -tags gitgo srs.epita.fr/fic-server/admin
@@ -52,9 +95,9 @@ vet:
     - go vet -v -buildvcs=false srs.epita.fr/fic-server/admin/sync
     - go vet -v -buildvcs=false srs.epita.fr/fic-server/admin/pki
     - go vet -v -buildvcs=false srs.epita.fr/fic-server/admin
-    - go vet -v -buildvcs=false srs.epita.fr/fic-server/backend
+    - go vet -v -buildvcs=false srs.epita.fr/fic-server/checker
+    - go vet -v -buildvcs=false srs.epita.fr/fic-server/receiver
     - go vet -v -buildvcs=false srs.epita.fr/fic-server/evdist
-    - go vet -v -buildvcs=false srs.epita.fr/fic-server/frontend
     - go vet -v -buildvcs=false srs.epita.fr/fic-server/dashboard
     - go vet -v -buildvcs=false srs.epita.fr/fic-server/repochecker
     - go vet -v -buildvcs=false srs.epita.fr/fic-server/repochecker/epita
@@ -64,4 +107,3 @@ vet:
     - go vet -v -buildvcs=false srs.epita.fr/fic-server/repochecker/videos
     - go vet -v -buildvcs=false srs.epita.fr/fic-server/qa
     - go vet -v -buildvcs=false srs.epita.fr/fic-server/settings
-
diff --git a/.gitlab-ci/build.yml b/.gitlab-ci/build.yml
index dbb5d190..0e751cd5 100644
--- a/.gitlab-ci/build.yml
+++ b/.gitlab-ci/build.yml
@@ -1,14 +1,18 @@
 ---
 
-.build: &build-image
+.build:
   stage: build
   image: golang:alpine3.18
+  before_script:
+    - export GOPATH="$CI_PROJECT_DIR/.go"
+    - mkdir -p .go
   variables:
     CGO_ENABLED: 0
 
 build-qa-ui:
   stage: build
   image: node:20-alpine3.18
+  before_script:
   script:
     - cd qa/ui
     - npm install --network-timeout=100000
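Review bot: The two-line `before_script` (`export GOPATH="$CI_PROJECT_DIR/.go"` / `mkdir -p .go`) added to `vet` here is now the third verbatim copy, after `get-deps` in the previous hunk and `.build` in build.yml, which is exactly the drift the dropped global `before_script` used to prevent. A hidden `.go-env:` job carrying only that `before_script`, pulled in with `extends: [.go-env]` by `get-deps` and `vet` (and by `.build`, which the build jobs already extend), keeps one definition while still leaving the analyzer and kaniko jobs untouched. The `vet` job's header lies outside this hunk.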
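Review bot: `before_script:` with no value under `build-qa-ui` is YAML `null`, not an empty list; the explicit way to declare that a job runs no before_script is `before_script: []`. Because the global `before_script` is removed in this same change, the override is also redundant both here and in `build-frontend-ui` in the next hunk, so either drop both keys or write `[]` if they are meant to guard against a future global default. GitLab's config validation may reject the null form outright — run it through CI Lint before merging.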
@@ -19,43 +23,50 @@ build-qa-ui:
       - qa/ui/build/
     when: on_success
 
-build-backend:
-  <<: *build-image
+build-checker:
+  extends:
+    - .build
   script:
-    - go build -v -buildvcs=false -o deploy/backend srs.epita.fr/fic-server/backend
+    - go build -v -buildvcs=false -o deploy/backend srs.epita.fr/fic-server/checker
+
+build-receiver:
+  extends:
+    - .build
+  script:
+    - go build -v -buildvcs=false -o deploy/backend srs.epita.fr/fic-server/receiver
 
 build-admin:
-  <<: *build-image
+  extends:
+    - .build
   script:
     - go build -v -buildvcs=false -tags gitgo -o deploy/admin-gitgo srs.epita.fr/fic-server/admin
     - go build -v -buildvcs=false -o deploy/admin srs.epita.fr/fic-server/admin
 
 build-evdist:
-  <<: *build-image
+  extends:
+    - .build
   script:
     - go build -v -buildvcs=false -o deploy/evdist srs.epita.fr/fic-server/evdist
 
-build-frontend:
-  <<: *build-image
-  script:
-    - go build -v -buildvcs=false -o deploy/frontend srs.epita.fr/fic-server/frontend
-
 build-frontend-ui:
   stage: build
   image: node:20-alpine3.18
+  before_script:
   script:
-    - cd frontend/ui
+    - cd frontend/fic
     - npm install --network-timeout=100000
     - sed -i 's!@popperjs/core/dist/esm/popper!@popperjs/core!' node_modules/sveltestrap/src/*.js node_modules/sveltestrap/src/*.svelte
     - npm run build
 
 build-dashboard:
-  <<: *build-image
+  extends:
+    - .build
   script:
     - go build -v -buildvcs=false -o deploy/dashboard srs.epita.fr/fic-server/dashboard
 
 build-repochecker:
-  <<: *build-image
+  extends:
+    - .build
   script:
     - apk --no-cache add build-base
     - go build -buildvcs=false --tags checkupdate -v -o deploy/repochecker srs.epita.fr/fic-server/repochecker
@@ -67,7 +78,8 @@ build-repochecker:
     - grep "const version" repochecker/update.go | sed -r 's/^.*=\s*(\S.*)$/\1/' > deploy/repochecker.version
 
 build-qa:
-  <<: *build-image
+  extends:
+    - .build
   needs: ["build-qa-ui"]
   dependencies:
     - build-qa-ui
diff --git a/.gitlab-ci/image.yml b/.gitlab-ci/image.yml
index e24a57f6..7cf5f116 100644
--- a/.gitlab-ci/image.yml
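Review bot: `build-checker` and `build-receiver` both write their binary to `deploy/backend`, so if both jobs publish `deploy/` as artifacts (the `.build` artifacts block is outside this hunk) whichever one a downstream job fetches last overwrites the other and one service ships the wrong binary. Give each its own output, `-o deploy/checker` and `-o deploy/receiver`, and update the matching `COPY` in Dockerfile-checker and Dockerfile-receiver, which are not in this diff — confirm what they expect. `cd frontend/fic` replaces `cd frontend/ui` in `build-frontend-ui`, but the directory rename is not part of this change, so verify the path exists at the same commit.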
+++ b/.gitlab-ci/image.yml
@@ -1,8 +1,9 @@
 ---
 
-.push: &push-image
+.push:
   stage: image
   interruptible: true
+  needs: []
   image:
     name: gcr.io/kaniko-project/executor:v1.9.0-debug
     entrypoint: [""]
@@ -19,47 +20,56 @@
   only:
     - master
 
-backend:
+checker:
+  extends:
+    - .push
   variables:
-    DOCKERFILE: Dockerfile-backend
-  <<: *push-image
+    DOCKERFILE: Dockerfile-checker
+
+receiver:
+  extends:
+    - .push
+  variables:
+    DOCKERFILE: Dockerfile-receiver
 
 admin:
+  extends:
+    - .push
   variables:
     DOCKERFILE: Dockerfile-admin
-  <<: *push-image
 
 evdist:
+  extends:
+    - .push
   variables:
     DOCKERFILE: Dockerfile-evdist
-  <<: *push-image
-
-frontend:
-  variables:
-    DOCKERFILE: Dockerfile-frontend
-  <<: *push-image
 
 frontend-ui:
+  extends:
+    - .push
   variables:
     DOCKERFILE: Dockerfile-frontend-ui
-  <<: *push-image
 
 nginx:
+  extends:
+    - .push
   variables:
     DOCKERFILE: Dockerfile-nginx
-  <<: *push-image
 
 dashboard:
+  extends:
+    - .push
   variables:
     DOCKERFILE: Dockerfile-dashboard
-  <<: *push-image
 
 repochecker:
+  extends:
+    - .push
   variables:
     DOCKERFILE: Dockerfile-repochecker
-  <<: *push-image
 
 qa:
+  extends:
+    - .push
   variables:
     DOCKERFILE: Dockerfile-qa
-  <<: *push-image
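Review bot: `needs: []` on `.push` detaches every image job from the `deps`, `build` and `sast` stages: they start as soon as the pipeline does and, because `needs` also governs artifact download, receive no `deploy/` artifacts from the build jobs. If any Dockerfile-* copies a prebuilt binary out of `deploy/` (the Dockerfiles are not in this diff — confirm) the image builds break, and even if they build from source, images are now pushed to the registry on master before `vet`, `sast` or `secret_detection` have finished or failed. If the intent was only to skip waiting on the new `qa` stage, `needs: [build-<name>]` per image job, or simply omitting `needs` and relying on stage order, keeps the gate. The rest of `.push` continues below this hunk.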
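Review bot: The `.push` jobs still gate on `only: - master` while the new `container_scanning` job in .gitlab-ci.yml uses `rules: - if: '$CI_COMMIT_BRANCH == "master"'`, so the same condition is now written two ways in one pipeline; `only`/`except` is the legacy form and GitLab's docs discourage mixing it with `rules` across a pipeline. Switching `.push` to `rules: - if: '$CI_COMMIT_BRANCH == "master"'` keeps both in step (note that `only: master` also matches a tag named master, which the `rules` form does not). The `.push` job's header is outside this hunk.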