diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index cb44650a359b31703f4a317c8e12c7fcb8a59c00..2a7f0ee789df0b97cc72c62435c297fc706a440f 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -58,22 +58,14 @@ scan:
     - if: $CI_PIPELINE_SOURCE == "schedule" && $CI_PIPELINE_SCHEDULE_DESCRIPTION == "Scan"
   stage: deploy
   tags: [ns4.shore.co.il]
-  image: docker.io/docker:dind
+  image: registry.shore.co.il/ci-images:docker
   before_script:
-    - >-
-      docker build
-      --tag "${CI_PROJECT_NAME}:scan"
-      --pull
-      scan
+    - apk add --update curl jq
   script:
-    - mkdir --mode=777 output
-    - >-
-      docker run
-      --env CI_JOB_URL
-      --rm
-      --volume "${PWD}/output:/output"
-      "${CI_PROJECT_NAME}:scan"
+    - cd scan
+    - mkdir output
+    - ./scan
   artifacts:
     paths:
-      - output/*.log
+      - scan/output/*.log
   timeout: 2h
diff --git a/scan/.dockerignore b/scan/.dockerignore
deleted file mode 100644
index 0e9700f016c01d4442c0f5b24ec5be3ef517c354..0000000000000000000000000000000000000000
--- a/scan/.dockerignore
+++ /dev/null
@@ -1,3 +0,0 @@
-*
-!scan
-!*.yaml
diff --git a/scan/Dockerfile b/scan/Dockerfile
deleted file mode 100644
index c089b57e49b5b3b331daed51cb651c84d144a075..0000000000000000000000000000000000000000
--- a/scan/Dockerfile
+++ /dev/null
@@ -1,15 +0,0 @@
-FROM registry.shore.co.il/ci-images:docker
-# hadolint ignore=DL3018
-RUN apk add --update --no-cache \
-    curl \
-    jq \
-    && \
-    install -d -o root -g root -m 755 /etc/trivy && \
-    install -d -o root -g root -m 777 /output
-COPY --chown=root:root scan /usr/local/bin/
-COPY --chown=root:root trivy*.yaml /etc/trivy/
-VOLUME /output
-WORKDIR /etc/trivy
-CMD ["scan"]
-USER nobody
-ENV HOME /tmp
diff --git a/scan/scan b/scan/scan
index 5885ce393e200cb1f76e4431970fd8a9035f5947..db2886f2ca903711251982e361bc9a3553e07a0b 100755
--- a/scan/scan
+++ b/scan/scan
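Review bot: `- mkdir output` in the new `script:` block is redundant with the `mkdir --parents output` this commit adds to scan/scan and, unlike it, aborts the job when the directory already exists (a runner that reuses the checkout, or a `scan/output` left from an earlier run); drop the line or write `- mkdir --parents output`. The new `before_script` installs `curl` and `jq` unpinned on every scheduled run (`apk add --update curl jq`), something the deleted Dockerfile at least acknowledged with its `# hadolint ignore=DL3018`; pinning them, or baking them into the `ci-images:docker` base, keeps the scheduled scan reproducible. The removed container also ran the scan as `USER nobody`; after this change `./scan` runs as whatever user the CI image provides, which is not visible here and is worth confirming, since trivy only needs to read its config and write `scan/output`.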
@@ -3,6 +3,19 @@ set -eu
 REGISTRY=registry.shore.co.il
 
+die() {
+  echo "$@" >&2
+  exit 1
+}
+
+blue () {
+  printf '\e[1;94m%s\e[0m\n' "$@" >&2
+}
+
+green () {
+  printf '\e[1;92m%s\e[0m\n' "$@" >&2
+}
+
 red () {
   printf '\e[1;91m%s\e[0m\n' "$@" >&2
 }
 
@@ -22,7 +35,7 @@ scan () {
   local tag
   image="$1"
   tag="$2"
-  if ! trivy image --output="/output/${image}:${tag}.log" "${REGISTRY}/${image}:${tag}"
+  if ! trivy image --output="output/${image}:${tag}.log" "${REGISTRY}/${image}:${tag}"
   then
     if [ -z "${CI_JOB_URL:-}" ]
     then
@@ -32,7 +45,7 @@ scan () {
     fi
     echo
   else
-    red "No vulnerabilities found in ${image}:${tag}."
+    green "No vulnerabilities found in ${image}:${tag}."
   fi
 }
 
@@ -41,19 +54,20 @@ do
   command -v "$tool" >/dev/null || die "$tool is missing."
 done
 
-red "Updating the vulnerability database."
+blue "Updating the vulnerability database."
 trivy image \
   --config=/dev/null \
   --download-db-only \
   --no-progress \
   --skip-version-check \
   ;
 
+mkdir --parents output
 for image in $(list_images)
 do
   for tag in $(list_tags "$image")
   do
-    red "Scanning ${image}:${tag}."
+    blue "Scanning ${image}:${tag}."
     scan "$image" "$tag"
   done
 done
diff --git a/scan/trivy.yaml b/scan/trivy.yaml
index 8e7acc4fc941e07fac6a80725d1eaeaafc608086..03ee123914bc31e19a528052c96f2725cd886dfc 100644
--- a/scan/trivy.yaml
+++ b/scan/trivy.yaml
@@ -2,6 +2,7 @@
 exit-code: 1
 ignorefile: trivyignore.yaml
 quiet: true
+timeout: 1h
 db:
   no-progress: true
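Review bot: The new helpers are spelled two ways in the same hunk, `die() {` with no space before the parentheses and `blue () {` / `green () {` with one, matching the existing `red () {`; pick one form, e.g. `die () {`. `die` also differs from its siblings by using `echo "$@"`, which will interpret a message that happens to begin with `-n` or `-e`; `printf '%s\n' "$@" >&2` mirrors the colored helpers and avoids that. The tool check in the last hunk already called `die "$tool is missing."` on the old side, so this definition appears to fix a previously undefined function; if so, the commit message could say that.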
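Review bot: `--output="output/${image}:${tag}.log"` is now a path relative to the caller's working directory rather than the fixed `/output` mount, so the script only works when started from `scan/` (the CI job does `cd scan` first) and an interactive run drops its logs wherever the user happens to be; resolving it once, e.g. `cd "$(dirname "$0")"` near the top or an `OUTPUT="${OUTPUT:-output}"` variable used by both this line and the `mkdir --parents output` in the last hunk, removes that dependency. That `mkdir --parents` is a GNU/busybox long option; `mkdir -p output` is the POSIX spelling and works under every `sh` this script may run on. scan()'s body begins and ends outside the hunk.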