diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 258b651..22b9d23 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -118,7 +118,7 @@ jobs:
 trivy-db-
 - name: Run Trivy vulnerability scanner
- uses: aquasecurity/trivy-action@0.28.0
+ uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0
 with:
 scan-type: 'fs'
 scan-ref: '.'
@@ -153,7 +153,7 @@ jobs:
 trivy-db-
 - name: Run Trivy secret scanner
- uses: aquasecurity/trivy-action@0.28.0
+ uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0
 with:
 scan-type: 'fs'
 scan-ref: '.'
@@ -185,7 +185,7 @@ jobs:
 trivy-db-
 - name: Run Trivy config scanner
- uses: aquasecurity/trivy-action@0.28.0
+ uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0
 with:
 scan-type: 'config'
 scan-ref: '.'
diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml
index 3cd911f..8b3eb56 100644
--- a/.github/workflows/docker-build.yml
+++ b/.github/workflows/docker-build.yml
@@ -129,7 +129,7 @@ jobs:
 trivy-db-
 - name: Run Trivy container scanner
- uses: aquasecurity/trivy-action@0.28.0
+ uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0
 with:
 image-ref: '${{ env.DOCKER_IMAGE }}:${{ steps.tag.outputs.value }}'
 severity: ${{ env.SECURITY_SEVERITY }}
@@ -168,7 +168,7 @@ jobs:
 trivy-db-
 - name: Generate SBOM
- uses: aquasecurity/trivy-action@0.28.0
+ uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0
 with:
 image-ref: '${{ env.DOCKER_IMAGE }}:${{ steps.tag.outputs.value }}'
 format: 'cyclonedx'
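Review bot: The `# v0.35.0` comment on the new `uses:` line of the "Run Trivy vulnerability scanner" step is the only thing tying the SHA to a release, and the diff shows no evidence it was checked: confirm that `57a97c7e7821a5776cebc9bb87c984fa69cba8f1` is the commit the upstream release tag points to and is reachable from aquasecurity/trivy-action's own history, because a full SHA in `uses:` can also resolve to a commit that exists only in a fork of that repository. The same line is repeated in the secret and config scanner steps of ci.yml and in the container scanner and SBOM steps of docker-build.yml, so this applies to all five hunks. The replaced ref was written `0.28.0` without a `v` prefix while the comment says `v0.35.0`; make the comment match the upstream tag name exactly, since update tooling that rewrites pinned SHAs typically relies on that comment. The bump spans several releases and each step's `with:` block continues outside its hunk, so the inputs passed there should be checked against the new version's action.yml.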