diff --git a/.github/workflows/pull-request-sast.yaml b/.github/workflows/pull-request-sast.yaml
index 2ed8486..102212c 100644
--- a/.github/workflows/pull-request-sast.yaml
+++ b/.github/workflows/pull-request-sast.yaml
@@ -20,7 +20,7 @@ jobs:
 
       # Results have to be a table as the organisation does not have Advanced Security license.
       - name: Terraform Trivy Scan
-        uses: aquasecurity/trivy-action@0.19.0
+        uses: aquasecurity/trivy-action@0.21.0
         with:
           scan-type: 'config'
           trivyignores: ".trivyignore"