diff --git a/.gitignore b/.gitignore
index a6d6d20..8f78923 100644
--- a/.gitignore
+++ b/.gitignore
@@ -15,3 +15,4 @@ releasenotes/build
 .coverage.*
 *.json
 .cache
+*.log*
\ No newline at end of file
diff --git a/picasso/common/logger.py b/picasso/common/logger.py
index 510aaa9..eb26d7f 100644
--- a/picasso/common/logger.py
+++ b/picasso/common/logger.py
@@ -21,7 +21,7 @@ from . import utils
 
 def common_logger_setup(
         level=logging.DEBUG,
-        filename='/tmp/picasso-api.log',
+        filename='/var/log/picasso-api.log',
         log_formatter='[%(asctime)s] - '
                       '%(name)s - '
                       '%(levelname)s - '
@@ -40,7 +40,7 @@ def common_logger_setup(
 
 
 def setup_logging(name,
-                  filename='/tmp/picasso-api-{}.log'.format(
+                  filename='/var/log/picasso-api-{}.log'.format(
                       datetime.datetime.now()),
                   level=logging.DEBUG,
                   log_to_console=False,
@@ -68,7 +68,7 @@ class Singleton(type):
 class UnifiedLogger(object, metaclass=utils.Singleton):
 
     def __init__(self,
-                 filename='/tmp/picasso-api-{}.log'.format(
+                 filename='/var/log/picasso-api-{}.log'.format(
                      datetime.datetime.now()),
                  level=logging.DEBUG, log_to_console=False):
         self.filename = filename
diff --git a/picasso/tests/common/base.py b/picasso/tests/common/base.py
index db24886..74872f7 100644
--- a/picasso/tests/common/base.py
+++ b/picasso/tests/common/base.py
@@ -36,7 +36,7 @@ class PicassoTestsBase(object):
 
         logger = log.UnifiedLogger(
             log_to_console=False,
-            filename=("/tmp/picasso-{}-tests-run-{}.log"
+            filename=("./picasso-{}-tests-run-{}.log"
                       .format(test_type, datetime.datetime.now())),
             level="DEBUG").setup_logger(__package__)
         return testloop, logger
diff --git a/test-requirements.txt b/test-requirements.txt
index 2fc41b2..6b530c5 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -8,3 +8,4 @@ sphinx!=1.3b1,<1.4,>=1.2.1 # BSD
 testtools>=1.4.0 # MIT
 pytest-aiohttp==0.1.3
 pytest-cov==2.4.0
+bandit>=1.1.0  # Apache-2.0
diff --git a/testing.md b/testing.md
index c56fb40..4b2c346 100644
--- a/testing.md
+++ b/testing.md
@@ -105,3 +105,8 @@ So, as part of `Tox` testing new check was added - functional test coverage regr
 In order to run it use following command:
 
     $ tox -e py35-functional-regression
+
+Static code analysis with Bandit
+================================
+
+    $ tox -e bandit
diff --git a/tox.ini b/tox.ini
index 79e189b..80c46e1 100644
--- a/tox.ini
+++ b/tox.ini
@@ -1,7 +1,7 @@
 # Project LaOS
 
 [tox]
-envlist = py35-functional,py35-functional-regression,py35-integration,py35-integration-regression,pep8,docker-build
+envlist = py35-functional,py35-functional-regression,py35-integration,py35-integration-regression,pep8,docker-build,bandit
 minversion = 1.6
 skipsdist = True
 
@@ -51,6 +51,9 @@ commands =
 [testenv:docker-full]
 commands = {toxinidir}/scripts/docker_full.sh
 
+[testenv:bandit]
+commands = bandit -r picasso/
+
 [flake8]
 ignore = H202,H304,H404,H405,H501
 show-source = True