diff --git a/soda/dbt/setup.py b/soda/dbt/setup.py
index 27dfdbd7b..b24fcf499 100644
--- a/soda/dbt/setup.py
+++ b/soda/dbt/setup.py
@@ -9,6 +9,7 @@
 requires = [
     f"soda-core=={package_version}",
     "dbt-core~=1.3.0",
+    "security~=1.3.1",
 ]
 # TODO Fix the params
 setup(
diff --git a/soda/dbt/soda/cloud/dbt.py b/soda/dbt/soda/cloud/dbt.py
index 6f51da1c9..ae3e18b1b 100644
--- a/soda/dbt/soda/cloud/dbt.py
+++ b/soda/dbt/soda/cloud/dbt.py
@@ -22,6 +22,7 @@
 from dbt.contracts.results import RunResultOutput
 from dbt.node_types import NodeType
 from requests.structures import CaseInsensitiveDict
+from security import safe_requests
 from soda.cloud.dbt_config import DbtCloudConfig
 from soda.cloud.soda_cloud import SodaCloud
 from soda.common.json_helper import JsonHelper
@@ -265,7 +266,7 @@ def _download_dbt_artifact_from_cloud(
 
         self.scan._logs.info(f"Downloading artifact: {artifact}, from run: {run_id}")
 
-        response = requests.get(url, headers=headers)
+        response = safe_requests.get(url, headers=headers)
         if response.status_code != requests.codes.ok:
             response.raise_for_status()
 
@@ -279,7 +280,7 @@ def _get_latest_run_id(self, api_token: str, account_id: str, job_id: str) -> st
         headers["Content-Type"] = "application/json"
 
         query_params = {"job_definition_id": job_id, "order_by": "-finished_at"}
-        response = requests.get(url, headers=headers, params=query_params)
+        response = safe_requests.get(url, headers=headers, params=query_params)
 
         if response.status_code != requests.codes.ok:
             response.raise_for_status()