diff --git a/.github/workflows/vulnerability_scanning.yml b/.github/workflows/vulnerability_scanning.yml
index ba160d90d..b4a3c84de 100644
--- a/.github/workflows/vulnerability_scanning.yml
+++ b/.github/workflows/vulnerability_scanning.yml
@@ -28,9 +28,8 @@ jobs:
 - name: Run Trivy Scan
 uses: aquasecurity/trivy-action@0.29.0
 with:
- scan-type: filesystem
+ scan-type: "fs"
 scan-ref: .
- path: .
 severity: CRITICAL,HIGH
 ignore-unfixed: true
 exit-code: 1
@@ -41,17 +40,5 @@ jobs:
 uses: actions/upload-artifact@v4
 with:
 name: trivy-report
- path: trivy-report.json
+ path: trivy-report.sarif
 retention-days: 30
-
- - name: Fail build on High/Criticial Vulnerabilities
- uses: aquasecurity/trivy-action@master
- with:
- scan-type: "fs"
- format: table
- scan-ref: .
- severity: HIGH,CRITICAL
- ignore-unfixed: true
- exit-code: 1
- # On a subsequent call to the action we know trivy is already installed so can skip this
- skip-setup-trivy: true
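Review bot: The scan step's `uses:` line still references `aquasecurity/trivy-action@0.29.0` by tag, and a tag can be repointed to different code after it was reviewed. Because this step is now the only gate on HIGH/CRITICAL findings, pin it to the full commit SHA and keep the version as a trailing comment, e.g. `uses: aquasecurity/trivy-action@<full-commit-sha>  # 0.29.0`. The same applies to `actions/upload-artifact@v4` in the second hunk. The step's other inputs (such as `format` and `output`) lie outside this hunk, so they are not assessed here.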
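Review bot: With the separate gate step removed, the build now fails only through `exit-code: 1` on the scan step, and a failed step skips later steps by default, so the report may not be uploaded on exactly the runs that have findings. The upload step's header is outside this hunk; if it carries no condition, add `if: always()` to it. The renamed `path: trivy-report.sarif` also depends on the scan step writing that file (presumably `format: sarif` and `output: trivy-report.sarif`, neither visible here). Adding `if-no-files-found: error` under `with:` would turn a filename mismatch into a failed run instead of a warning.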