diff --git a/.github/workflows/security-app.yaml b/.github/workflows/security-app.yaml
index 5129bfa30c..7b4176a3c6 100644
--- a/.github/workflows/security-app.yaml
+++ b/.github/workflows/security-app.yaml
@@ -33,10 +33,15 @@ jobs:
       - name: Setup Snyk
         uses: snyk/actions/setup@master
       - name: Scan api repository
-        run: snyk test
+        run: snyk test --sarif-file-output=snyk-results.sarif
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+      - name: Upload Results to GitHub Code Scanning
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: app/internal/snyk-results.sarif
+
 
   dependency-scan-selfserve:
     if: github.event_name == 'schedule' || inputs.project == 'selfserve'
     name: Selfserve
@@ -55,10 +60,15 @@ jobs:
       - name: Setup Snyk
         uses: snyk/actions/setup@master
       - name: Scan selfserve repository
-        run: snyk test
+        run: snyk test --sarif-file-output=snyk-results.sarif
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+      - name: Upload Results to GitHub Code Scanning
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: app/internal/snyk-results.sarif
+
 
   dependency-scan-internal:
     if: github.event_name == 'schedule' || inputs.project == 'internal'
     name: Internal
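Review bot: The new upload step in the `Scan api repository` hunk can only run when `snyk test` exits zero, and `snyk test` exits non-zero whenever it reports issues, so the SARIF is uploaded only for scans that found nothing; the `Scan selfserve repository` hunk has the same gap. Add `continue-on-error: true` to each scan step (or `if: always()` on each upload step) so findings actually reach Code Scanning. `sarif_file: app/internal/snyk-results.sarif` is identical in the api and selfserve jobs although each `snyk test` writes `snyk-results.sarif` into its own working directory, which is set outside the hunk — the `app/internal/` prefix looks copied from the internal job and should be checked per job. Because every job uploads for the same commit without a `category:`, each upload replaces the previous one; give each a distinct value, e.g. `category: snyk-api`. The upload also requires `security-events: write` under the workflow's `permissions`, which is not visible in this diff.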