diff --git a/cmd/codeqlExecuteScan.go b/cmd/codeqlExecuteScan.go
index fdace77ad3..546a310dd5 100644
--- a/cmd/codeqlExecuteScan.go
+++ b/cmd/codeqlExecuteScan.go
@@ -15,6 +15,7 @@ import (
 "github.com/SAP/jenkins-library/pkg/maven"
 "github.com/SAP/jenkins-library/pkg/piperutils"
 "github.com/SAP/jenkins-library/pkg/telemetry"
+ "github.com/google/shlex"
 "github.com/pkg/errors"
 )
@@ -139,6 +140,13 @@ func runCodeqlExecuteScan(config *codeqlExecuteScanOptions, telemetryData *telem
 }
 reports = append(reports, scanReports...)
+ if len(config.CustomCommand) > 0 {
+ err = runCustomCommand(utils, config.CustomCommand)
+ if err != nil {
+ return reports, err
+ }
+ }
+
 repoInfo, err := codeql.GetRepoInfo(config.Repository, config.AnalyzedRef, config.CommitID, config.TargetGithubRepoURL, config.TargetGithubBranchName)
 if err != nil {
@@ -394,6 +402,24 @@ func uploadProjectToGitHub(config *codeqlExecuteScanOptions, repoInfo *codeql.Re
 return nil
 }
+func runCustomCommand(utils codeqlExecuteScanUtils, command string) error {
+ log.Entry().Infof("custom command will be run: %s", command)
+ cmd, err := shlex.Split(command)
+ if err != nil {
+ log.Entry().WithError(err).Errorf("failed to parse custom command %s", command)
+ return err
+ }
+ log.Entry().Infof("Parsed command '%s' with %d arguments: ['%s']", cmd[0], len(cmd[1:]), strings.Join(cmd[1:], "', '"))
+
+ err = utils.RunExecutable(cmd[0], cmd[1:]...)
+ if err != nil {
+ log.Entry().WithError(err).Errorf("failed to run command %s", command)
+ return err
+ }
+ log.Entry().Info("Success.")
+ return nil
+ }
+
 func checkForCompliance(scanResults []codeql.CodeqlFindings, config *codeqlExecuteScanOptions, repoInfo *codeql.RepoInfo) error {
 for _, scanResult := range scanResults {
 if scanResult.ClassificationName == codeql.AuditAll {
diff --git a/cmd/codeqlExecuteScan_generated.go b/cmd/codeqlExecuteScan_generated.go
index b7cb31e10c..bd4ac20aba 100644
--- a/cmd/codeqlExecuteScan_generated.go
+++ b/cmd/codeqlExecuteScan_generated.go
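Review bot: In runCustomCommand, `cmd[0]` is indexed on the "Parsed command" Infof line and again in the RunExecutable call without checking that shlex.Split returned anything; a value such as `"  "` (or, if shlex drops `#` comments as it appears to, a comment-only value) passes the caller's `len(config.CustomCommand) > 0` guard, splits to an empty slice with no error, and the step panics with an index out of range instead of reporting a usable error. Add `if len(cmd) == 0 { return errors.Errorf("custom command %q contains no executable", command) }` directly after the parse-error check, using the `pkg/errors` import this file already has. Separately, the full command line is echoed to the build log twice at Info level before it runs, so the parameter must never carry inline tokens or passwords; logging it with `%q` rather than `%s` would at least make an empty or whitespace-only value visible in the log. The two log-and-return pairs (`Errorf` followed by `return err`) report the same failure at two layers; returning `errors.Wrapf(err, "parsing custom command %q", command)` and `errors.Wrapf(err, "running custom command %q", command)` keeps the context and lets the caller log once.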
@@ -45,6 +45,7 @@ type codeqlExecuteScanOptions struct { GlobalSettingsFile string `json:"globalSettingsFile,omitempty"` DatabaseCreateFlags string `json:"databaseCreateFlags,omitempty"` DatabaseAnalyzeFlags string `json:"databaseAnalyzeFlags,omitempty"` + CustomCommand string `json:"customCommand,omitempty"` } type codeqlExecuteScanInflux struct { @@ -271,6 +272,7 @@ func addCodeqlExecuteScanFlags(cmd *cobra.Command, stepConfig *codeqlExecuteScan cmd.Flags().StringVar(&stepConfig.GlobalSettingsFile, "globalSettingsFile", os.Getenv("PIPER_globalSettingsFile"), "Path to the mvn settings file that should be used as global settings file.") cmd.Flags().StringVar(&stepConfig.DatabaseCreateFlags, "databaseCreateFlags", os.Getenv("PIPER_databaseCreateFlags"), "A space-separated string of flags for the 'codeql database create' command.") cmd.Flags().StringVar(&stepConfig.DatabaseAnalyzeFlags, "databaseAnalyzeFlags", os.Getenv("PIPER_databaseAnalyzeFlags"), "A space-separated string of flags for the 'codeql database analyze' command.") + cmd.Flags().StringVar(&stepConfig.CustomCommand, "customCommand", os.Getenv("PIPER_customCommand"), "A custom user-defined command to run between codeql analysis and results upload.") cmd.MarkFlagRequired("buildTool") } @@ -527,6 +529,15 @@ func codeqlExecuteScanMetadata() config.StepData { Aliases: []config.Alias{}, Default: os.Getenv("PIPER_databaseAnalyzeFlags"), }, + { + Name: "customCommand", + ResourceRef: []config.ResourceReference{}, + Scope: []string{"STEPS", "STAGES", "PARAMETERS"}, + Type: "string", + Mandatory: false, + Aliases: []config.Alias{}, + Default: os.Getenv("PIPER_customCommand"), + }, }, }, Containers: []config.Container{ diff --git a/go.mod b/go.mod index b2c2299b60..ddaceac057 100644 --- a/go.mod +++ b/go.mod 
@@ -177,7 +177,7 @@ require (
 github.com/google/btree v1.0.1 // indirect
 github.com/google/go-querystring v1.1.0 // indirect
 github.com/google/gofuzz v1.2.0 // indirect
- github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
+ github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510
 github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
 github.com/googleapis/gax-go/v2 v2.12.2 // indirect
 github.com/gorilla/mux v1.8.0 // indirect
diff --git a/resources/metadata/codeqlExecuteScan.yaml b/resources/metadata/codeqlExecuteScan.yaml
index f489299d71..eb9c5d9374 100644
--- a/resources/metadata/codeqlExecuteScan.yaml
+++ b/resources/metadata/codeqlExecuteScan.yaml
@@ -233,6 +233,13 @@ spec:
 - STEPS
 - STAGES
 - PARAMETERS
+ - name: customCommand
+ type: string
+ description: "A custom user-defined command to run between codeql analysis and results upload."
+ scope:
+ - STEPS
+ - STAGES
+ - PARAMETERS
 containers:
 - image: ""
 outputs:
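Review bot: The `description` on the new `customCommand` parameter says nothing about how the value is executed, which matters for a parameter that runs an arbitrary program inside the scan container with the step's environment and credentials. On the Go side the value is split shell-style with shlex and handed to `RunExecutable` as a program plus argument list, so it is presumably exec'd directly rather than via a shell (pipes, redirections and `$VAR` expansion would not work), and the whole command line is written to the build log before it runs; please confirm the no-shell behaviour against RunExecutable before wording it. Suggested text: `description: "A custom user-defined command to run between codeql analysis and results upload. The value is split into a program and its arguments and executed directly (no shell; pipes, redirections and variable expansion are not available). The full command line is written to the log, so do not embed secrets in it."`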