diff --git a/ci/build.yml b/ci/build.yml
index cb7847f5e..aa9080299 100644
--- a/ci/build.yml
+++ b/ci/build.yml
@@ -112,6 +112,22 @@ core unix regular build:
       - core/build/unix  # most of it needed by test_rust
     expire_in: 1 week
 
+core unix regular asan build:
+  stage: build
+  <<: *gitlab_caching
+  needs: []
+  only:
+    - schedules  # nightly build
+  variables:
+    ADDRESS_SANITIZER: "1"
+  script:
+    - nix-shell --run "poetry run make -C core build_unix"
+  artifacts:
+    name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA"
+    paths:
+      - core/build/unix  # most of it needed by test_rust
+    expire_in: 1 week
+
 core unix frozen regular build:
   stage: build
   <<: *gitlab_caching
diff --git a/ci/test.yml b/ci/test.yml
index d4ccb2d45..59fe11b9d 100644
--- a/ci/test.yml
+++ b/ci/test.yml
@@ -19,8 +19,24 @@ core unit test:
     - nix-shell --run "poetry run make -C core test_rust | ts -s"
     - nix-shell --run "poetry run make -C core clippy | ts -s"
 
+core unit test asan:
+  stage: test
+  <<: *gitlab_caching
+  needs:
+    - core unix regular asan build
+  only:
+    - schedules  # nightly build
+  variables:
+    RUSTC_BOOTSTRAP: "1"
+    RUSTFLAGS: "-Z sanitizer=address"
+  script:
+    - nix-shell --run "poetry run make -C core test | ts -s"
+    - nix-shell --run "poetry run make -C core test_rust | ts -s"
+    - nix-shell --run "poetry run make -C core clippy | ts -s"
+
 core unit test t1:
   stage: test
+  <<: *gitlab_caching
   needs:
     - core unix frozen btconly debug t1 build
   variables:
@@ -149,6 +165,27 @@ core monero test:
     expire_in: 1 week
     when: always
 
+core monero asan test:
+  stage: test
+  <<: *gitlab_caching
+  needs:
+    - core unix frozen debug asan build
+  only:
+    - schedules  # nightly build
+  variables:
+    TREZOR_PROFILING: 1
+  script:
+    - nix-shell --arg fullDeps true --run "poetry run make -C core test_emu_monero | ts -s"
+    - mv core/src/.coverage core/.coverage.test_emu_monero
+  artifacts:
+    name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA"
+    paths:
+      - tests/trezor.log
+      - core/tests/trezor_monero_tests.log
+      - core/.coverage.*
+    expire_in: 1 week
+    when: always
+
 core u2f test:
   stage: test
   <<: *gitlab_caching
@@ -243,6 +280,25 @@ core click test:
     expire_in: 1 week
     when: always
 
+core click asan test:
+  stage: test
+  <<: *gitlab_caching
+  needs:
+    - core unix frozen debug asan build
+  only:
+    - schedules  # nightly build
+  script:
+    - nix-shell --run "poetry run make -C core test_emu_click | ts -s"
+  artifacts:
+    name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA"
+    paths:
+      - tests/trezor.log
+      - tests/junit.xml
+    reports:
+      junit: tests/junit.xml
+    expire_in: 1 week
+    when: always
+
 core upgrade test:
   stage: test
   <<: *gitlab_caching
@@ -262,6 +318,27 @@ core upgrade test:
     expire_in: 1 week
     when: always
 
+core upgrade asan test:
+  stage: test
+  <<: *gitlab_caching
+  needs:
+    - core unix frozen debug asan build
+  only:
+    - schedules  # nightly build
+  variables:
+    TREZOR_UPGRADE_TEST: "core"
+  script:
+    - nix-shell --run "tests/download_emulators.sh"
+    - nix-shell --run "poetry run pytest --junitxml=tests/junit.xml tests/upgrade_tests | ts -s"
+  artifacts:
+    name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA"
+    paths:
+      - tests/junit.xml
+    reports:
+      junit: tests/junit.xml
+    expire_in: 1 week
+    when: always
+
 core persistence test:
   stage: test
   <<: *gitlab_caching
@@ -278,6 +355,24 @@ core persistence test:
     expire_in: 1 week
     when: always
 
+core persistence asan test:
+  stage: test
+  <<: *gitlab_caching
+  needs:
+    - core unix frozen debug asan build
+  only:
+    - schedules  # nightly build
+  script:
+    - nix-shell --run "poetry run pytest --junitxml=tests/junit.xml tests/persistence_tests | ts -s"
+  artifacts:
+    name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA"
+    paths:
+      - tests/junit.xml
+    reports:
+      junit: tests/junit.xml
+    expire_in: 1 week
+    when: always
+
 
 # Crypto
 
@@ -393,6 +488,27 @@ legacy upgrade test:
     expire_in: 1 week
     when: always
 
+legacy upgrade asan test:
+  stage: test
+  <<: *gitlab_caching
+  needs:
+    - legacy emu regular debug asan build
+  only:
+    - schedules  # nightly build
+  variables:
+    TREZOR_UPGRADE_TEST: "legacy"
+  script:
+    - nix-shell --run "tests/download_emulators.sh"
+    - nix-shell --run "poetry run pytest --junitxml=tests/junit.xml tests/upgrade_tests | ts -s"
+  artifacts:
+    name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA"
+    paths:
+      - tests/junit.xml
+    reports:
+      junit: tests/junit.xml
+    expire_in: 1 week
+    when: always
+
 
 # Python