diff --git a/sysinv/sysinv/sysinv/test-requirements.txt b/sysinv/sysinv/sysinv/test-requirements.txt
index 685aa6e289..ef0601ec04 100644
--- a/sysinv/sysinv/sysinv/test-requirements.txt
+++ b/sysinv/sysinv/sysinv/test-requirements.txt
@@ -3,7 +3,7 @@
 # process, which may cause wedges in the gate later.
 hacking>=1.1.0,<=2.0.0 # Apache-2.0
 astroid <= 2.2.5
-bandit;python_version>="3.0"
+bandit<1.7.2;python_version>="3.0"
 coverage>=3.6
 fixtures>=3.0.0 # Apache-2.0/BSD
 mock>=2.0.0 # BSD
diff --git a/sysinv/sysinv/sysinv/tox.ini b/sysinv/sysinv/sysinv/tox.ini
index 3ade0f0e67..73e1abd858 100644
--- a/sysinv/sysinv/sysinv/tox.ini
+++ b/sysinv/sysinv/sysinv/tox.ini
@@ -169,7 +169,7 @@ skips = B101,B103,B104,B105,B108,B110,B303,B307,B310,B311,B314,B318,B320,B404,B4
 exclude = tests
 
 [testenv:bandit]
-basepython = python3
+basepython = python3.6
 deps = -r{toxinidir}/test-requirements.txt
 commands = bandit --ini tox.ini -n 5 -r sysinv