diff --git a/.bandit.yaml b/.bandit.yaml
deleted file mode 100644
index 49002f24..00000000
--- a/.bandit.yaml
+++ /dev/null
@@ -1,3 +0,0 @@
-exclude_dirs:
-  - regions/*test*
-  - regions/**/*test*
diff --git a/pyproject.toml b/pyproject.toml
index 157959ab..c79452e0 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -167,3 +167,9 @@ force-exclude = """
   .*
 )
 """
+
+[tool.bandit]
+exclude_dirs = ['*/tests/test_casa_mask.py']
+
+[tool.bandit.assert_used]
+skips = ['*_test.py', '*/test_*.py', '*/tests/helpers.py']
diff --git a/tox.ini b/tox.ini
index 8f9581c6..2b65c1d8 100644
--- a/tox.ini
+++ b/tox.ini
@@ -134,4 +134,4 @@ skip_install = true
 changedir = .
 description = security check with bandit
 deps = bandit
-commands = bandit -r regions -c .bandit.yaml
+commands = bandit -r regions -c pyproject.toml