diff --git a/src/pkg/securityhub/dao/security.go b/src/pkg/securityhub/dao/security.go
index 20495a04da6e..807ca0a53fb7 100644
--- a/src/pkg/securityhub/dao/security.go
+++ b/src/pkg/securityhub/dao/security.go
@@ -49,7 +49,7 @@ limit 5`
 
 	// sql to query the total artifact count, exclude the artifact accessory, and child artifact in image index
 	totalArtifactCountSQL = `SELECT COUNT(1)
-FROM artifact A
+FROM artifact a
 WHERE NOT EXISTS (select 1 from artifact_accessory acc WHERE acc.artifact_id = a.id)
   AND (EXISTS (SELECT 1 FROM tag WHERE tag.artifact_id = a.id)
     OR NOT EXISTS (SELECT 1 FROM artifact_reference ref WHERE ref.child_id = a.id))`
@@ -64,13 +64,10 @@ WHERE EXISTS (SELECT 1
                 AND s.registration_uuid = ?)
     -- exclude artifact accessory
     AND NOT EXISTS (SELECT 1 FROM artifact_accessory acc WHERE acc.artifact_id = a.id)
-    -- exclude artifact without tag and part of the image index
-    AND EXISTS (SELECT 1
-                FROM tag
-                WHERE tag.artifact_id = id
-                   OR (NOT EXISTS (SELECT 1 FROM artifact_reference ref WHERE ref.child_id = a.id)))
-   -- include image index which is scanned
-   OR EXISTS (SELECT 1
+    -- not a child without tag
+    AND NOT EXISTS (SELECT 1 FROM artifact_reference WHERE child_id = a.id AND NOT EXISTS (SELECT 1 FROM tag WHERE artifact_id = a.id))
+    -- include image index which is scanned
+    OR EXISTS (SELECT 1
               FROM scan_report s,
                    artifact_reference ref
               WHERE s.digest = ref.child_digest