diff --git a/ee/app/models/ee/merge_request.rb b/ee/app/models/ee/merge_request.rb
index 65f332fd8160333f70b9cc8bbd4218849262c2a9..8f69ed82ea99ec4db243e2fbb58f485caa5fdc96 100644
--- a/ee/app/models/ee/merge_request.rb
+++ b/ee/app/models/ee/merge_request.rb
@@ -336,7 +336,7 @@ def enabled_reports
         sast: report_type_enabled?(:sast),
         container_scanning: report_type_enabled?(:container_scanning),
         dast: report_type_enabled?(:dast),
-        dependency_scanning: report_type_enabled?(:dependency_scanning),
+        dependency_scanning: report_type_enabled?(:dependency_scanning) || report_type_enabled?(:cyclonedx),
         license_scanning: report_type_enabled?(:license_scanning),
         coverage_fuzzing: report_type_enabled?(:coverage_fuzzing),
         secret_detection: report_type_enabled?(:secret_detection),
@@ -349,7 +349,9 @@ def has_security_reports?
     end
 
     def has_dependency_scanning_reports?
-      !!diff_head_pipeline&.complete_or_manual_and_has_reports?(::Ci::JobArtifact.of_report_type(:dependency_list))
+      !!diff_head_pipeline&.complete_or_manual_and_has_reports?(::Ci::JobArtifact.with_file_types(%w[
+        dependency_scanning cyclonedx
+      ]))
     end
 
     def compare_dependency_scanning_reports(current_user)
diff --git a/ee/spec/models/merge_request_spec.rb b/ee/spec/models/merge_request_spec.rb
index 50da3398818084c58122159878f4ac0c8eda0ff0..c35f3982a331ef09c2575d8bb8bec51e2b5fd793 100644
--- a/ee/spec/models/merge_request_spec.rb
+++ b/ee/spec/models/merge_request_spec.rb
@@ -828,6 +828,7 @@
       :container_scanning  | [:with_container_scanning_reports]                         | :container_scanning
       :dast                | [:with_dast_reports]                                       | :dast
       :dependency_scanning | [:with_dependency_scanning_reports]                        | :dependency_scanning
+      :dependency_scanning | [:with_cyclonedx_reports]                                  | :dependency_scanning
       :license_scanning    | [:with_cyclonedx_reports]                                  | :license_scanning
       :coverage_fuzzing    | [:with_coverage_fuzzing_reports]                           | :coverage_fuzzing
       :secret_detection    | [:with_secret_detection_reports]                           | :secret_detection
@@ -923,6 +924,12 @@
 
         it { is_expected.to be_truthy }
       end
+
+      context 'when head pipeline has cyclonedx reports' do
+        let(:merge_request) { create(:ee_merge_request, :with_cyclonedx_reports, source_project: project) }
+
+        it { is_expected.to be_truthy }
+      end
     end
 
     context 'when head pipeline does not have dependency scanning reports' do