diff --git a/README.md b/README.md
index 4678f486..e93816b2 100644
--- a/README.md
+++ b/README.md
@@ -46,9 +46,11 @@ It has been extracted as a separate project to make maintenance easier and enabl
 * phpca - [Finds usage of non-built-in extensions](https://github.com/wapmorgan/PhpCodeAnalyzer)
 * phpcb - [PHP Code Browser](https://github.com/mayflower/PHP_CodeBrowser)
 * phpcbf - [Automatically corrects coding standard violations](https://github.com/squizlabs/PHP_CodeSniffer)
+* phpcodesniffer-composer-install - [Easy installation of PHP_CodeSniffer coding standards (rulesets).](https://github.com/Dealerdirect/phpcodesniffer-composer-installer)
 * phpcov - [a command-line frontend for the PHP_CodeCoverage library](https://github.com/sebastianbergmann/phpcov)
 * phpcpd - [Copy/Paste Detector](https://github.com/sebastianbergmann/phpcpd)
 * phpcs - [Detects coding standard violations](https://github.com/squizlabs/PHP_CodeSniffer)
+* phpcs-security-audit - [Finds vulnerabilities and weaknesses related to security in PHP code](https://github.com/FloeDesignTechnologies/phpcs-security-audit)
 * phpda - [Generates dependency graphs](https://mamuz.github.io/PhpDependencyAnalysis/)
 * phpdd - [Finds usage of deprecated features](http://wapmorgan.github.io/PhpDeprecationDetector)
 * phpdoc-to-typehint - [Automatically adds type hints and return types based on PHPDocs](https://github.com/dunglas/phpdoc-to-typehint)
diff --git a/bin/devkit.php b/bin/devkit.php
index a97b45cd..586c0054 100755
--- a/bin/devkit.php
+++ b/bin/devkit.php
@@ -32,6 +32,7 @@ private function toolsJsonDefault(): array
                 __DIR__ . '/../resources/documentation.json',
                 __DIR__ . '/../resources/linting.json',
                 __DIR__ . '/../resources/metrics.json',
+                __DIR__ . '/../resources/phpcs.json',
                 __DIR__ . '/../resources/phpstan.json',
                 __DIR__ . '/../resources/psalm.json',
                 __DIR__ . '/../resources/refactoring.json',
diff --git a/resources/checkstyle.json b/resources/checkstyle.json
index e322be15..76c511eb 100644
--- a/resources/checkstyle.json
+++ b/resources/checkstyle.json
@@ -55,19 +55,6 @@
             "test": "phpcbf --help",
             "tags": ["checkstyle"]
         },
-        {
-            "name": "phpcs",
-            "summary": "Detects coding standard violations",
-            "website": "https://github.com/squizlabs/PHP_CodeSniffer",
-            "command": {
-                "phar-download": {
-                    "phar": "https://squizlabs.github.io/PHP_CodeSniffer/phpcs.phar",
-                    "bin": "%target-dir%/phpcs"
-                }
-            },
-            "test": "phpcs --help",
-            "tags": ["checkstyle"]
-        },
         {
             "name": "twigcs",
             "summary": "The missing checkstyle for twig!",
diff --git a/resources/phpcs.json b/resources/phpcs.json
new file mode 100644
index 00000000..0ffa3b8a
--- /dev/null
+++ b/resources/phpcs.json
@@ -0,0 +1,44 @@
+{
+  "tools": [
+    {
+      "name": "phpcs",
+      "summary": "Detects coding standard violations",
+      "website": "https://github.com/squizlabs/PHP_CodeSniffer",
+      "command": {
+        "composer-bin-plugin": {
+          "package": "squizlabs/php_codesniffer",
+          "namespace": "phpcs",
+          "links": {"%target-dir%/phpcs": "phpcs"}
+        }
+      },
+      "test": "phpcs --help",
+      "tags": ["checkstyle"]
+    },
+    {
+      "name": "phpcodesniffer-composer-install",
+      "summary": "Easy installation of PHP_CodeSniffer coding standards (rulesets).",
+      "website": "https://github.com/Dealerdirect/phpcodesniffer-composer-installer",
+      "command": {
+        "composer-bin-plugin": {
+          "package": "dealerdirect/phpcodesniffer-composer-installer",
+          "namespace": "phpcs"
+        }
+      },
+      "test": "composer global bin phpcs show dealerdirect/phpcodesniffer-composer-installer",
+      "tags": ["pre-installation"]
+    },
+    {
+      "name": "phpcs-security-audit",
+      "summary": "Finds vulnerabilities and weaknesses related to security in PHP code",
+      "website": "https://github.com/FloeDesignTechnologies/phpcs-security-audit",
+      "command": {
+        "composer-bin-plugin": {
+          "package": "pheromone/phpcs-security-audit",
+          "namespace": "phpcs"
+        }
+      },
+      "test": "phpcs -i | grep Security",
+      "tags": ["security"]
+    }
+  ]
+}
\ No newline at end of file
diff --git a/src/Cli/Application.php b/src/Cli/Application.php
index f65fd397..6bad5944 100644
--- a/src/Cli/Application.php
+++ b/src/Cli/Application.php
@@ -56,6 +56,7 @@ private function toolsJsonDefault(): array
                 __DIR__.'/../../resources/documentation.json',
                 __DIR__.'/../../resources/linting.json',
                 __DIR__.'/../../resources/metrics.json',
+                __DIR__.'/../../resources/phpcs.json',
                 __DIR__.'/../../resources/phpstan.json',
                 __DIR__.'/../../resources/psalm.json',
                 __DIR__.'/../../resources/refactoring.json',
diff --git a/tests/Cli/ApplicationTest.php b/tests/Cli/ApplicationTest.php
index 81bca7d6..e5ed3960 100644
--- a/tests/Cli/ApplicationTest.php
+++ b/tests/Cli/ApplicationTest.php
@@ -62,6 +62,7 @@ public function test_it_defines_tools_option()
                 \realpath(__DIR__.'/../../src/Cli/').'/../../resources/documentation.json',
                 \realpath(__DIR__.'/../../src/Cli/').'/../../resources/linting.json',
                 \realpath(__DIR__.'/../../src/Cli/').'/../../resources/metrics.json',
+                \realpath(__DIR__.'/../../src/Cli/').'/../../resources/phpcs.json',
                 \realpath(__DIR__.'/../../src/Cli/').'/../../resources/phpstan.json',
                 \realpath(__DIR__.'/../../src/Cli/').'/../../resources/psalm.json',
                 \realpath(__DIR__.'/../../src/Cli/').'/../../resources/refactoring.json',