diff --git a/.build_ignore b/.build_ignore
index 632be85174..3c018013e5 100644
--- a/.build_ignore
+++ b/.build_ignore
@@ -19,7 +19,6 @@ lefthook.yml
 log/
 README.md
 test/
-trivy.yaml
 lib/tasks/bump_version.rb
 lib/tasks/coverage_report.rb
 lib/tasks/multiverse.rake
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
deleted file mode 100644
index ed4ee03a84..0000000000
--- a/.github/workflows/security.yml
+++ /dev/null
@@ -1,71 +0,0 @@
-name: Security scan
-on:
- push:
- branches:
- - main
- - dev
- pull_request:
- schedule:
- - cron: '0 9 * * *' # Same time as CI Cron
-
-jobs:
- build:
- name: Trivy Scan
- runs-on: ubuntu-latest
- permissions:
- security-events: write
- steps:
- - name: Install Ruby 3.3
- uses: ruby/setup-ruby@a2bbe5b1b236842c1cb7dd11e8e3b51e0a616acc # tag v1.202.0
- with:
- ruby-version: 3.3
-
- - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # tag v4.1.7
-
- - run: bundle # Generate a Gemfile.lock to scan
-
- - name: Run Trivy in table mode
- # Table output is only useful when running on a pull request or push.
- if: contains(fromJSON('["push", "pull_request"]'), github.event_name)
- uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # tag v0.28.0
- with:
- scan-type: fs
- scan-ref: .
- trivy-config: trivy.yaml
- format: table
- exit-code: 1
-
- - name: Run Trivy in report mode
- # Only generate sarif when running nightly on the dev branch.
- if: ${{ github.event_name == 'schedule' }}
- uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # tag v0.28.0
- with:
- scan-type: fs
- scan-ref: .
- trivy-config: trivy.yaml
- format: sarif
- output: trivy-results.sarif
-
- - name: Upload Trivy scan results to GitHub Security tab
- # Only upload sarif when running nightly on the dev branch.
- if: ${{ github.event_name == 'schedule' }}
- uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # tag v3.27.0
- with:
- sarif_file: trivy-results.sarif
-
- notify_slack_fail:
- name: Notify slack fail
- needs: [build]
- runs-on: ubuntu-22.04
- if: ${{ github.event_name == 'schedule' && failure() }}
- steps:
- - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # tag v4.1.7
- - uses: ./.github/actions/workflow-conclusion
- - uses: voxmedia/github-action-slack-notify-build@3665186a8c1a022b28a1dbe0954e73aa9081ea9e # tag v1.6.0
- if: ${{ env.WORKFLOW_CONCLUSION == 'failure' }}
- env:
- SLACK_BOT_TOKEN: ${{ secrets.RUBY_GITHUB_ACTIONS_BOT_WEBHOOK }}
- with:
- channel: ruby-agent-notifications
- status: FAILED
- color: danger
diff --git a/trivy.yaml b/trivy.yaml
deleted file mode 100644
index 1b4f3e2711..0000000000
--- a/trivy.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-db:
- repository:
- - mirror.gcr.io/aquasec/trivy-db:2
-
-severities:
- - CRITICAL
- - HIGH
- - MEDIUM
- - LOW
-
-vulnerability:
- ignore-unfixed: true