diff --git a/.github/workflows/sbom-scan.yml b/.github/workflows/sbom-scan.yml
index a903d37b..31950e25 100644
--- a/.github/workflows/sbom-scan.yml
+++ b/.github/workflows/sbom-scan.yml
@@ -33,7 +33,13 @@ jobs:
 sbom: ${{ github.event.repository.name }}-sbom.spdx.json
 fail-build: true
 severity-cutoff: low
- - name: Upload SBOM scan SARIF report
+ - name: Upload SBOM scan SARIF report as a workflow artifact
+ uses: actions/upload-artifact@v4
+ with:
+ name: sarif_artifact
+ path: ${{ steps.scan.outputs.sarif }}
+ if-no-files-found: error
+ - name: Upload SBOM scan SARIF report to GitHub UI Security tab
 if: ${{ github.event_name != 'pull_request' }}
 uses: github/codeql-action/upload-sarif@v3
 with:
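Review bot: The new upload-artifact step is skipped whenever the preceding scan step fails the job, which with the visible `fail-build: true` and `severity-cutoff: low` is exactly the run in which the SARIF report is wanted; add `if: ${{ !cancelled() }}` (or `if: always()`) to the new step so the report is still published when findings are present. The step also introduces another mutable tag reference, `uses: actions/upload-artifact@v4`; pinning to a full commit SHA with the tag kept in a trailing comment removes the tag-retargeting supply-chain exposure (the pre-existing `upload-sarif@v3` has the same weakness). Unlike the Security-tab upload, the artifact is produced on pull_request runs too, so the vulnerability report becomes downloadable by anyone who can view the run for the default retention period; consider setting `retention-days` and confirming that exposure is intended. `path: ${{ steps.scan.outputs.sarif }}` presumes the scan step is declared with `id: scan`, which lies outside the hunk.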