diff --git a/.github/workflows/build-images-from-branch.yml b/.github/workflows/build-images-from-branch.yml
index 3d7b1bee0ad..d82a7c37608 100644
--- a/.github/workflows/build-images-from-branch.yml
+++ b/.github/workflows/build-images-from-branch.yml
@@ -95,7 +95,7 @@ jobs:
           cache-from: type=registry,ref=opencrvs/ocrvs-${{ matrix.service }}:${{ needs.base.outputs.branch }}
           cache-to: type=inline
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@0.21.0
         with:
           image-ref: 'opencrvs/ocrvs-${{ matrix.service }}:${{ needs.base.outputs.version }}'
           trivy-config: trivy.yaml
diff --git a/trivy.yaml b/trivy.yaml
index ca8bc918756..5d62d214485 100644
--- a/trivy.yaml
+++ b/trivy.yaml
@@ -23,7 +23,6 @@ scan:
   scanners:
     - vuln
     - misconfig
-    - secret
 ignorefile: .trivyignore.yaml
 vulnerability:
   ignore-unfixed: true