diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
index d39cb389..fdc03d40 100644
--- a/.github/workflows/trivy.yml
+++ b/.github/workflows/trivy.yml
@@ -1,10 +1,15 @@ -name: Build +name: Trivy on: push: branches: - kubernetes-* - main + pull_request: + branches: + - main + paths: + - ".github/workflows/trivy.yml" schedule: - cron: "28 6 * * 0" workflow_dispatch:
@@ -13,18 +18,27 @@ permissions: contents: read jobs: - Trivy: + trivy: runs-on: ubuntu-latest steps: - name: ⬇️ Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Image - run: bash -c "make build-image" + run: | + make build-image + env: + VERSION: ${{ github.sha }} - name: 🔎 Trivy-Scan - id: trivyscan - run: make trivy-scan + uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 #v0.33.1 + with: + image-ref: outscale/cloud-provider-osc:${{ github.sha }} + format: 'sarif' + output: 'trivy-results.sarif' + severity: 'CRITICAL,HIGH' + trivyignores: '.trivyignore' + version: 'v0.69.3' - name: ⬆️ Upload Trivy results if: ${{ github.event_name != 'pull_request' }} uses: github/codeql-action/upload-sarif@v4 with: - sarif_file: './.trivyscan/report.sarif' + sarif_file: 'trivy-results.sarif'
diff --git a/.trivyignore b/.trivyignore
index cb85c62e..e69de29b 100644
--- a/.trivyignore
+++ b/.trivyignore
@@ -1,10 +0,0 @@
-# github.com/emicklei/go-restful
-CVE-2022-1996
-# https://github.com/advisories/GHSA-69cg-p879-7622
-CVE-2022-27664
-# https://avd.aquasec.com/nvd/cve-2022-32149
-CVE-2022-32149
-# https://avd.aquasec.com/nvd/2023/cve-2023-45142
-CVE-2023-45142
-# https://avd.aquasec.com/nvd/2023/cve-2023-47108
-CVE-2023-47108
diff --git a/Makefile b/Makefile
index 10e8fbaa..fc5351ea 100644
--- a/Makefile
+++ b/Makefile
@@ -45,7 +45,7 @@ E2E_FOCUS ?= e2e OSC_REGION ?= eu-west-2 -TRIVY_IMAGE := aquasec/trivy:0.62.1 +TRIVY_IMAGE := aquasec/trivy:0.69.3 .PHONY: help help:
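Review bot: The new `pull_request` trigger is narrowed by `paths` to `.github/workflows/trivy.yml` itself, so a pull request that changes the Dockerfile, go.mod or the Makefile never runs the scan, and on the runs it does produce the findings go nowhere: the upload step keeps `if: ${{ github.event_name != 'pull_request' }}` (a context line of the second hunk) and trivy exits 0 on findings unless `exit-code` is set. If the trigger is meant to gate pull requests, widen `paths` to the build inputs and add `exit-code: '1'` under the scan step's `with:`; if it is only meant to exercise edits to this workflow, record that above `pull_request:` with something like `# PR runs only validate this workflow; results are not uploaded (see the upload step's if:)` so the next reader does not widen it expecting a gate. Whether anything follows `workflow_dispatch:` in the `on:` mapping is outside the hunk.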
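Review bot: `image-ref: outscale/cloud-provider-osc:${{ github.sha }}` hard-codes an image name and tag layout that the previous step presumably derives from the Makefile's own variables plus the `VERSION` env, so a change to either side leaves the scan pointing at a ref that was never built and trivy would presumably attempt a registry pull instead. Consider defining the ref once in a job-level `env:` that both `make build-image` and `image-ref` read, or having the build step write the ref to `$GITHUB_OUTPUT`. The scanner version is now also declared twice, `version: 'v0.69.3'` here and `TRIVY_IMAGE := aquasec/trivy:0.69.3` in the Makefile hunk, which will drift on the next bump; pick one source. Minor: the pin comment `#v0.33.1` lacks the space used on `# v6` two steps above.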
@@ -189,7 +189,7 @@ helm-package: # Copy docs into the archive for ArtfactHub, symlink does not work with helm-git cp docs/CHANGELOG.md docs/README.md LICENSE deploy/k8s-osc-ccm/ helm package deploy/k8s-osc-ccm -d out-helm - rm deploy/k8s-osc-ccm/CHANGELOG.md deploy/k8s-osc-ccm/README.md deploy/k8s-osc-ccm/LICENSE + rm deploy/k8s-osc-ccm/CHANGELOG.md deploy/k8s-osc-ccm/README.md deploy/k8s-osc-ccm/LICENSE helm-push: helm-package helm push out-helm/*.tgz oci://registry-1.docker.io/${DOCKER_USER}