diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml
index b4b61bf..56a0d95 100644
--- a/.github/workflows/ci-cd.yml
+++ b/.github/workflows/ci-cd.yml
@@ -71,11 +71,13 @@ jobs:
           skip-version-check: true
           scanners: 'vuln,secret,config'
 
-      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v3
+      - name: Upload Trivy scan results as artifact
+        uses: actions/upload-artifact@v4
         if: always()
         with:
-          sarif_file: 'trivy-results.sarif'
+          name: trivy-security-report
+          path: trivy-results.sarif
+          retention-days: 30
 
   # Build and push Docker image
   build: