diff --git a/.github/actions/secret-scanner/excluded_files.patterns b/.github/actions/secret-scanner/excluded_files.patterns
new file mode 100644
index 0000000..c582915
--- /dev/null
+++ b/.github/actions/secret-scanner/excluded_files.patterns
@@ -0,0 +1,4 @@
+# Sealed secrets
+.*-sealed\.json$
+.*-sealed\.yml$
+.*-sealed\.yaml$
diff --git a/.github/actions/secret-scanner/excluded_lines.patterns b/.github/actions/secret-scanner/excluded_lines.patterns
new file mode 100644
index 0000000..daf2f87
--- /dev/null
+++ b/.github/actions/secret-scanner/excluded_lines.patterns
@@ -0,0 +1,5 @@
+# Image tags
+^.*tag.*$
+
+# Secrets we don't care about
+[\"\']?googleMapsApiKey[\"\']?: [\"\']?\w+[\"\']?
diff --git a/.github/actions/secret-scanner/excluded_secrets.patterns b/.github/actions/secret-scanner/excluded_secrets.patterns
new file mode 100644
index 0000000..99d8a38
--- /dev/null
+++ b/.github/actions/secret-scanner/excluded_secrets.patterns
@@ -0,0 +1,2 @@
+# Sendgrid keys
+^SG\.\w{22}\.\w{43}$
diff --git a/.github/workflows/detect-new-secrets.yml b/.github/workflows/detect-new-secrets.yml
index 66834b7..03e4f41 100644
--- a/.github/workflows/detect-new-secrets.yml
+++ b/.github/workflows/detect-new-secrets.yml
@@ -1,13 +1,12 @@
 name: Checking for Secrets
-on:
-  push:
+on: [push]
 jobs:
   check-secrets:
     name: Checking for Secrets
-    runs-on: [ubuntu-latest]
+    runs-on: ubuntu-latest
     steps:
       - name: Checkout Configuration
         uses: actions/checkout@v3
       - name: Secret Scanner
-        uses: secret-scanner/action@0.0.1
+        uses: secret-scanner/action@bf855b904a8bca17a334986797650dacec7ed529
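Review bot: The `# Sealed secrets` comment in excluded_files.patterns does not say why whole files are safe to skip, so anyone auditing the scanner's blind spots has to guess at the reasoning. Assuming these are kubeseal-style SealedSecret manifests that carry only ciphertext, record that: `# Sealed secrets (ciphertext only, e.g. kubeseal output) - skipped; note any file named *-sealed.* is skipped too`. The leading `.*` makes each pattern match in any directory, so the exclusion is repository-wide rather than limited to a manifests folder.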
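Review bot: `^.*tag.*$` in excluded_lines.patterns exempts every line that contains the substring `tag` anywhere, not just image-tag lines, so a `storageKey:` or `stagingToken:` assignment would never be scanned. Narrow it to the key it is meant to cover, e.g. `^\s*["']?tag["']?:\s*\S+\s*$`, adjusting if the scanner matches substrings rather than whole lines. The `googleMapsApiKey` exclusion is a deliberate decision to accept a committed key, and the comment should state why, e.g. `# Google Maps browser key: referrer-restricted, intended to be public` (only if that is actually the case). Note that `\w+` in that pattern does not match `-`, so a key value containing `-` would still be reported.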
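Review bot: `^SG\.\w{22}\.\w{43}$` in excluded_secrets.patterns describes the general SendGrid API-key format, so every value in that shape, including a live key committed by mistake, is exempted from detection instead of one known placeholder. Replace the format pattern with the exact dummy value(s) the repository intentionally contains, e.g. `^SG\.<PLACEHOLDER_KEY_ID>\.<PLACEHOLDER_KEY_SECRET>$`, or drop the exclusion and remove/rotate whatever the scanner flagged. The comment should name the fixture being suppressed so the exception can be re-checked later. SendGrid key values are base64url-like and may contain `-`, which `\w` does not match, so the pattern as written only covers a subset of the format anyway.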
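Review bot: `actions/checkout@v3` is still pinned to a mutable tag while the scanner step on the line below is now pinned to a full commit SHA, leaving the workflow's supply-chain posture inconsistent. Pin checkout to a commit SHA the same way and add the tag as a trailing comment on both `uses:` lines so the pin stays readable, e.g. `uses: secret-scanner/action@bf855b904a8bca17a334986797650dacec7ed529  # <VERSION_TAG>`. The hunk does not show how the new `.patterns` files under `.github/actions/secret-scanner/` reach the action, so confirm the pinned commit reads them from that path by default. `on: [push]` is equivalent to the old `on:`/`push:` block; neither scans `pull_request` events, so add that trigger if fork PRs should be checked before merge.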