diff --git a/.snyk b/.snyk
new file mode 100644
index 0000000..c893c50
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,3 @@
+# This file specifies snyk vulnerabilities to be ignored.
+# If this file contains only comments, then no vulnerabilities are ignored
+# but do not delete this file - it is needed for the live-snyk-scans repo workflows.
diff --git a/sh/kosli.sh b/sh/kosli.sh
index 3661afc..c7df65e 100755
--- a/sh/kosli.sh
+++ b/sh/kosli.sh
@@ -65,7 +65,7 @@ kosli_attest_snyk()
 --artifact-type=docker \
 --host="${hostname}" \
 --api-token="${api_token}" \
- --attachments="$(repo_root)/snyk.policy" \
+ --attachments="$(repo_root)/.snyk" \
 --name=languages-start-points.snyk-scan \
 --scan-results="$(repo_root)/snyk.json"
 }
@@ -119,7 +119,7 @@ on_ci_kosli_attest_snyk_scan_evidence()
 --file=Dockerfile \
 --sarif \
 --sarif-file-output=snyk.json \
- --policy-path="$(repo_root)/snyk.policy"
+ --policy-path="$(repo_root)/.snyk"
 set -e
 kosli_attest_snyk "${KOSLI_HOST_STAGING}" "${KOSLI_API_TOKEN_STAGING}"
diff --git a/snyk.policy b/snyk.policy
deleted file mode 100644
index feb8ae5..0000000
--- a/snyk.policy
+++ /dev/null
@@ -1 +0,0 @@
-# Do not delete this file - it is needed for the snyk_scans repo workflow
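Review bot: In the `@@ -65,7 +65,7 @@` hunk of sh/kosli.sh, the context line `--api-token="${api_token}"` passes the Kosli token as a command-line argument, where it is visible in the runner's process list and in any `set -x` trace. The Kosli CLI also reads the token from the `KOSLI_API_TOKEN` environment variable, so the call could be prefixed with `KOSLI_API_TOKEN="${api_token}"` and the flag dropped. The commit does not change this line and the body of kosli_attest_snyk starts outside the hunk, so confirm against the full function.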
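Review bot: In the `@@ -119,7 +119,7 @@` hunk of sh/kosli.sh, the exit status of the snyk command ending at `--policy-path="$(repo_root)/.snyk"` is not inspected before `set -e` and the attestation call. A scan that never ran, for example because the renamed policy file could not be read, is therefore handled the same as a scan that found vulnerabilities. Snyk exits with 1 when vulnerabilities are found and with 2 or higher when the scan itself failed. Capturing the status right after the command with `snyk_status=$?` and stopping on `[ "${snyk_status}" -le 1 ] || exit "${snyk_status}"` would keep a stale or missing `snyk.json` from being attested. The `set +e` that presumably precedes the command and the start of on_ci_kosli_attest_snyk_scan_evidence are outside the hunk.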