diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml
index 032f20115..97a2a4abe 100644
--- a/.github/workflows/security.yaml
+++ b/.github/workflows/security.yaml
@@ -14,7 +14,7 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Run Trivy vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@0.6.2
+        uses: aquasecurity/trivy-action@0.16.1
         if: ${{ ! github.event.schedule }}  # Do not run inline checks when running periodically
         with:
           scan-type: fs
@@ -23,7 +23,7 @@ jobs:
           severity: 'HIGH,CRITICAL'
 
       - name: Run Trivy vulnerability scanner sarif output
-        uses: aquasecurity/trivy-action@0.3.0
+        uses: aquasecurity/trivy-action@0.16.1
         if: ${{ github.event.schedule }}  # Generate sarif when running periodically
         with:
           scan-type: fs