diff --git a/.github/workflows/snyk-issue.yml b/.github/workflows/snyk-issue.yml
index a0544c428..f12f1d78f 100644
--- a/.github/workflows/snyk-issue.yml
+++ b/.github/workflows/snyk-issue.yml
@@ -4,10 +4,15 @@ on:
   schedule:
     - cron: '* */12 * * *'
 
+permissions:
+  contents: read
+  issues: write
+  pull-requests: write
+
 concurrency: snyk-issue
 
 jobs:
-  whitesource:
+  snyk:
     runs-on: ubuntu-latest
     steps:
     - name: checkout action
diff --git a/.github/workflows/snyk-pr.yml b/.github/workflows/snyk-pr.yml
index 815ec87af..ae5363c4d 100644
--- a/.github/workflows/snyk-pr.yml
+++ b/.github/workflows/snyk-pr.yml
@@ -3,8 +3,14 @@ on:
   pull_request:
     branches:
       - master
+
+permissions:
+  contents: read
+  issues: write
+  pull-requests: write
+
 jobs:
-  whitesource:
+  snyk:
     runs-on: ubuntu-latest
     if: ${{ github.event.pull_request.user.login == 'sfc-gh-snyk-sca-sa' }}
     steps:
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 98b2616d5..ffaf3d5b2 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,5 +1,5 @@
 repos:
 - repo: git@github.com:snowflakedb/casec_precommit.git
-  rev: v1.3
+  rev: v1.29
   hooks:
   - id: secret-scanner