diff --git a/poetry.lock b/poetry.lock
index a2b89fb9..681bb9bd 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -191,16 +191,17 @@ pyflakes = ">=2.4.0,<2.5.0"
 
 [[package]]
 name = "flake8-bandit"
-version = "2.1.2"
+version = "3.0.0"
 description = "Automated security testing with bandit and flake8."
 optional = false
-python-versions = "*"
+python-versions = ">=3.6"
 files = [
-    {file = "flake8_bandit-2.1.2.tar.gz", hash = "sha256:687fc8da2e4a239b206af2e54a90093572a60d0954f3054e23690739b0b0de3b"},
+    {file = "flake8_bandit-3.0.0-py2.py3-none-any.whl", hash = "sha256:61b617f4f7cdaa0e2b1e6bf7b68afb2b619a227bb3e3ae00dd36c213bd17900a"},
+    {file = "flake8_bandit-3.0.0.tar.gz", hash = "sha256:54d19427e6a8d50322a7b02e1841c0a7c22d856975f3459803320e0e18e2d6a1"},
 ]
 
 [package.dependencies]
-bandit = "*"
+bandit = ">=1.7.3"
 flake8 = "*"
 flake8-polyfill = "*"
 pycodestyle = "*"
@@ -732,4 +733,4 @@ test = ["covdefaults (>=2.2.2)", "coverage (>=7.1)", "coverage-enable-subprocess
 [metadata]
 lock-version = "2.0"
 python-versions = ">=3.11,<3.13"
-content-hash = "e6501e17e08687dfa39e313438f574a0424cd94b4dc4897da06e3d75e7e58fff"
+content-hash = "802376e3d7c432de645cbdccec82a3e2cce95327966f8c4712e81d45e3823573"
diff --git a/pyproject.toml b/pyproject.toml
index 5817ea63..9145fd32 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -18,7 +18,7 @@ python = ">=3.11,<3.13"
 pre-commit = "^3.6.2"
 flake8 = "^4.0.1"
 black = ">=21.10b0"
-flake8-bandit = "^2.1.2"
+flake8-bandit = "^3.0.0"
 ruff = "^0.2.1"
 
 # 1.7.3 broke us. https://github.com/PyCQA/bandit/issues/841