diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 000000000..02b10fdc1
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,27 @@
+version: 2
+updates:
+ - package-ecosystem: 'cargo'
+ directory: 'programs/mango-v4'
+ schedule:
+ interval: 'daily'
+ allow:
+ - dependency-type: 'direct'
+ commit-message:
+ prefix: 'v4'
+ open-pull-requests-limit: 5
+ labels:
+ - 'cargo'
+ - 'dependency'
+
+ - package-ecosystem: 'cargo'
+ directory: 'programs/margin-trade'
+ schedule:
+ interval: 'daily'
+ allow:
+ - dependency-type: 'direct'
+ commit-message:
+ prefix: 'margin'
+ open-pull-requests-limit: 5
+ labels:
+ - 'cargo'
+ - 'dependency'
diff --git a/.github/workflows/ci-cargo-audit.yml b/.github/workflows/ci-cargo-audit.yml
index d56c23d1e..532ef2766 100644
--- a/.github/workflows/ci-cargo-audit.yml
+++ b/.github/workflows/ci-cargo-audit.yml
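Review bot: The `allow: dependency-type: 'direct'` filter in both stanzas limits Dependabot to crates declared in each program's own Cargo.toml, so a vulnerable transitive crate pinned in the lockfile would get no update PR from this config if, as the Dependabot documentation describes, the `allow` filter applies to security updates as well as version updates; the cargo-audit workflow would then be the only signal for those. A comment next to the filter should state that this is intentional and what covers the remainder, e.g. `# Direct deps only; transitive advisories are surfaced by ci-cargo-audit.yml`. The two stanzas are identical apart from `directory` and `prefix`, and neither points at a workspace-root Cargo.toml, if one exists — confirm that the lockfile Dependabot rewrites is the same one `cargo audit` reads, otherwise the two jobs will disagree about what is installed.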
@@ -1,45 +1,23 @@ -# CI job for scanning Cargo dependencies for vulnerabilities and report/fail job based on criticality. -# Critically vulnerable dependencies with fix available will mark the run as failed (X) -name: Rust Cargo Audit +name: Cargo Audit on: push: branches: master pull_request: - # Allowing manual runs with ability to choose branch - workflow_dispatch: - - # Optimisation option by targeting direct paths to only scan when there are changes to dependencies in the push/PR - # push: - # paths: - # - 'Cargo.toml' - # - 'Cargo.lock' - # pull_request: - # paths: - # - 'Cargo.toml' - # - 'Cargo.lock' - - # Example of running scheduled scans at 6AM UTC every Monday to regularly check for vulnerable dependencies - # schedule: - # - cron: '0 6 * * 1' - -# Run the job jobs: - Cargo-audit: - name: Cargo Vulnerability Scanner + cargo-audit: + name: Cargo Audit runs-on: ubuntu-latest steps: - # Check out GitHub repo - uses: actions/checkout@v2 - - # Install cargo audit + - name: Install Cargo Audit uses: actions-rs/install@v0.1 with: crate: cargo-audit version: latest - # Run cargo audit using args from .cargo/audit.toml (ignores, etc.) + # Run cargo audit using args from .cargo/audit.toml - name: Run Cargo Audit run: cargo audit -c always diff --git a/.github/workflows/ci-soteria.yml b/.github/workflows/ci-soteria.yml index 69c5d6df4..8ffd82afe 100644 --- a/.github/workflows/ci-soteria.yml +++ b/.github/workflows/ci-soteria.yml @@ -13,6 +13,7 @@ jobs: build: name: Soteria runs-on: ubuntu-latest + if: (github.actor != 'dependabot[bot]') steps: - name: Check-out repo uses: actions/checkout@v2
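Review bot: The trimmed `on:` block leaves the audit running only on pushes to master and on pull requests, so an advisory published for a dependency that is already locked is not reported until the next commit lands; a vulnerability scan should also run on a timer, e.g. `schedule:` with `- cron: '0 6 * * 1'`, which the old file carried only as a commented-out example. On the new side the third-party actions are referenced by mutable tags (`actions/checkout@v2`, `actions-rs/install@v0.1`) and cargo-audit is installed at `version: latest`, so the scanner's own supply chain is unpinned; pinning the actions to full commit SHAs and the crate to a version makes the job reproducible and reviewable. The actions-rs organisation appears to be unmaintained, so that install action is itself a candidate for replacement. The `# Run cargo audit using args from .cargo/audit.toml` comment refers to a file outside this diff; confirm it exists and that any ignores it lists are reviewed, since each one silences a finding.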
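Review bot: The added job-level `if` disables the Soteria scan for Dependabot-triggered runs without recording why, so a reader cannot tell whether the reason is that Dependabot runs receive a read-only token and no repository secrets (a common cause, but not visible here) or that the scanner is not expected to say anything new about a dependency bump. A comment such as `# Skip for Dependabot: <reason placeholder>; the scan still runs on the push to master after merge` would make the trade-off explicit. Note that `github.actor` is the user who triggered the run, so a maintainer pushing to the same PR branch re-enables the job, which is probably the intended behaviour but worth stating. The parentheses are unnecessary; `if: github.actor != 'dependabot[bot]'` is the usual form. The workflow's `on:` triggers are outside the hunk, so whether the scan actually runs post-merge cannot be confirmed from here.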