diff --git a/.github/workflows/github-security-checks.yml b/.github/workflows/github-security-checks.yml
index b7f5809..5990044 100644
--- a/.github/workflows/github-security-checks.yml
+++ b/.github/workflows/github-security-checks.yml
@@ -20,7 +20,7 @@ jobs:
 git config --global --add safe.directory '*'
 - name: SAST Scan
 working-directory: .
- run: bearer scan . ./ci/config/bearer.yml
+ run: bearer scan . --config-file ./ci/config/bearer.yml
 - name: Commit changes
 uses: EndBug/add-and-commit@v9
 with:
diff --git a/ci/configs/bearer.yml b/ci/configs/bearer.yml
index 15322c4..326bf94 100644
--- a/ci/configs/bearer.yml
+++ b/ci/configs/bearer.yml
@@ -1,12 +1,11 @@
 disable-version-check: false
 log-level: info
 report:
- fail-on-severity: critical,high,medium,low
 format: json
 no-color: false
 output: ""
 report: security
- severity: critical,high,medium,low,warning
+ severity: critical,high
 rule:
 disable-default-rules: false
 only-rule: []
@@ -22,6 +21,9 @@ scan:
 internal-domains: []
 parallel: 0
 quiet: true
+ exit-code: 0
 scanner:
 - secrets
+ - sast
 skip-test: true
+ skip-path: ['*/vendor']
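Review bot: The path given to `--config-file` is `./ci/config/bearer.yml`, but the config file edited in this same commit lives at `ci/configs/bearer.yml` (plural), so the new flag most likely points at a file that does not exist and Bearer will either abort the step or fall back to its defaults instead of the tuned config. Change the step to `run: bearer scan . --config-file ./ci/configs/bearer.yml` (or rename the directory) and confirm in the job log that the config is actually loaded. To avoid this kind of drift recurring, the config path could be declared once in a job-level `env:` entry and referenced from the step. The enclosing job definition starts and ends outside this hunk.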
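Review bot: Removing `fail-on-severity` and narrowing `severity` to `critical,high` means medium and low findings are no longer reported at all, and together with the `exit-code: 0` added in the next hunk there is no remaining gate, so even a critical finding will not fail the workflow. If an informational baseline run is the intent, document it above `report:` with something like `# Informational run: findings never fail the build (see exit-code under scan); re-enable fail-on-severity before enforcing`, otherwise keep `fail-on-severity: critical,high` so the narrowed set still blocks. A middle ground that preserves visibility without blocking on noise is `severity: critical,high,medium,low` combined with `fail-on-severity: critical,high`.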
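Review bot: `exit-code: 0` is added under `scan:` (per the hunk header), but as far as I recall Bearer's `--exit-code` belongs to the report option group, so placed here it may be silently ignored rather than forcing a zero exit; verify against `bearer scan --help` and move it under `report:` if so. Since forcing exit code 0 makes the SAST step non-blocking regardless of findings, it deserves an adjacent comment such as `# Never fail the job on findings; remove once the baseline is clean`. The `skip-path: ['*/vendor']` glob matches a vendor directory only one level deep, so a repo-root `vendor/` and deeper nested vendor trees are probably still scanned — check Bearer's glob semantics and consider `['vendor', '**/vendor']` if that is the goal; the indentation of `skip-path` and the added `- sast` entry cannot be checked in this collapsed diff, so confirm they sit under `scan:` and `scanner:` respectively.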