diff --git a/.github/workflows/sec-checks.yaml b/.github/workflows/sec-checks.yaml
index a124375f61c..cd84659a426 100644
--- a/.github/workflows/sec-checks.yaml
+++ b/.github/workflows/sec-checks.yaml
@@ -60,3 +60,9 @@ jobs:
           image: kics:sec-tests-${{ github.sha }}
           fail-build: true
           severity-cutoff: critical
+      - name: upload Anchore scan SARIF report
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: ${{ steps.scan.outputs.sarif }}
+      - name: Inspect action SARIF report
+        run: cat ${{ steps.scan.outputs.sarif }}