diff --git a/dependency-check-maven/pom.xml b/dependency-check-maven/pom.xml
index 187081527..591467488 100644
--- a/dependency-check-maven/pom.xml
+++ b/dependency-check-maven/pom.xml
@@ -171,6 +171,10 @@ Copyright (c) 2013 Jeremy Long. All Rights Reserved.
maven-core
provided
+
+ org.apache.maven.shared
+ file-management
+
org.apache.maven.plugin-tools
maven-plugin-annotations
diff --git a/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java b/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java
index 6d26ef4ae..3e6cac416 100644
--- a/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java
+++ b/dependency-check-maven/src/main/java/org/owasp/dependencycheck/maven/BaseDependencyCheckMojo.java
@@ -47,6 +47,8 @@ import org.apache.maven.shared.artifact.resolve.ArtifactResolverException;
import org.apache.maven.shared.dependency.graph.DependencyGraphBuilder;
import org.apache.maven.shared.dependency.graph.DependencyGraphBuilderException;
import org.apache.maven.shared.dependency.graph.DependencyNode;
+import org.apache.maven.shared.model.fileset.FileSet;
+import org.apache.maven.shared.model.fileset.util.FileSetManager;
import org.owasp.dependencycheck.Engine;
import org.owasp.dependencycheck.data.nexus.MavenArtifact;
import org.owasp.dependencycheck.data.nvdcve.DatabaseException;
@@ -494,6 +496,16 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
*/
private Filter artifactTypeExcluded;
+ /**
+ * An array of fileSets that specify additional files and/or directories
+ * (from the basedir) to analyze as part of the scan. If not specified, defaults to
+ * Maven conventions of:
+ * src/main/resources, src/main/filters, and src/main/webapp
+ */
+ @Parameter(property = "scanSet", required = false)
+ private FileSet[] scanSet;
+
+
//
//
/**
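Review bot: The Javadoc on the new `scanSet` field describes the configured file sets as "additional" files, but the scan code only falls back to the three default directories when `scanSet` is null or empty, so a configured non-empty `scanSet` replaces the defaults rather than extending them. Suggest stating that in the Javadoc, e.g. `* Note: a configured scanSet replaces the default directories; list them explicitly if they should still be scanned.` `required = false` is already the annotation's default and could be dropped. The enclosing class continues outside this hunk.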
@@ -748,6 +760,36 @@ public abstract class BaseDependencyCheckMojo extends AbstractMojo implements Ma
exCol.addException(ex);
}
}
+
+ // Define the default FileSets
+ if (scanSet == null || scanSet.length == 0) {
+ FileSet resourcesSet = new FileSet();
+ FileSet filtersSet = new FileSet();
+ FileSet webappSet = new FileSet();
+ try {
+ resourcesSet.setDirectory(new File(project.getBasedir(), "src/main/resources").getCanonicalPath());
+ filtersSet.setDirectory(new File(project.getBasedir(), "src/main/filters").getCanonicalPath());
+ webappSet.setDirectory(new File(project.getBasedir(), "src/main/webapp").getCanonicalPath());
+ } catch (IOException ex) {
+ if (exCol == null) {
+ exCol = new ExceptionCollection();
+ }
+ exCol.addException(ex);
+ }
+ scanSet = new FileSet[] {resourcesSet, filtersSet, webappSet};
+ }
+ // Iterate through FileSets and scan included files
+ FileSetManager fileSetManager = new FileSetManager();
+ for (FileSet fileSet: scanSet) {
+ String[] includedFiles = fileSetManager.getIncludedFiles(fileSet);
+ for (String include: includedFiles) {
+ File includeFile = new File(fileSet.getDirectory(), include).getAbsoluteFile();
+ if (includeFile.exists()) {
+ engine.scan(includeFile, project.getName());
+ }
+ }
+ }
+
return exCol;
}
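Review bot: If `getCanonicalPath()` throws on one of the three default directories, the exception is collected but execution still falls through to the `FileSetManager` loop with one or more `FileSet`s whose directory was never set, so `getIncludedFiles` is presumably handed a null directory (whether that fails or silently scans nothing depends on `FileSetManager`, which is not visible here). A cheap guard at the top of the loop body, `if (fileSet.getDirectory() == null) { continue; }`, keeps an already-recorded resolution failure from turning into a second, unrelated error. Separately, the defaults are canonicalised against `project.getBasedir()` while user-supplied file sets are passed to the manager exactly as configured; if `FileSetManager` resolves a relative directory against the working directory rather than the basedir, the field's Javadoc ("from the basedir") would be inaccurate for configured sets, which is worth confirming. The enclosing method starts before this hunk.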
diff --git a/dependency-check-maven/src/site/markdown/configuration.md b/dependency-check-maven/src/site/markdown/configuration.md
index b2abb8686..6803b177e 100644
--- a/dependency-check-maven/src/site/markdown/configuration.md
+++ b/dependency-check-maven/src/site/markdown/configuration.md
@@ -22,6 +22,7 @@ failOnError | Whether the build should fail if there is an error
format | The report format to be generated (HTML, XML, CSV, JSON, VULN, ALL). This configuration option has no affect if using this within the Site plugin unless the externalReport is set to true. | HTML
name | The name of the report in the site. | dependency-check or dependency-check:aggregate
outputDirectory | The location to write the report(s). Note, this is not used if generating the report as part of a `mvn site` build. | 'target'
+scanSet | An optional collection of filesets that specify additional files and/or directories to analyze as part of the scan. If not specified, defaults to standard Maven conventions. | src/main/resources, src/main/filters, src/main/webapp
skip | Skips the dependency-check analysis. | false
skipProvidedScope | Skip analysis for artifacts with Provided Scope. | false
skipRuntimeScope | Skip analysis for artifacts with Runtime Scope. | false
diff --git a/pom.xml b/pom.xml
index e40912d5b..047154aec 100644
--- a/pom.xml
+++ b/pom.xml
@@ -708,6 +708,11 @@ Copyright (c) 2012 - Jeremy Long
maven-plugin-api
${maven.api.version}
+
+ org.apache.maven.shared
+ file-management
+ 3.0.0
+
org.apache.maven
maven-settings