diff --git a/.github/workflows/reusable_build_docker.yaml b/.github/workflows/reusable_build_docker.yaml
index c67fd12e..a0c5a06c 100644
--- a/.github/workflows/reusable_build_docker.yaml
+++ b/.github/workflows/reusable_build_docker.yaml
@@ -43,8 +43,7 @@ jobs:
 
       - name: Build falco image
         run: |
-          cd ${{ github.workspace }}/docker/falco/
-          docker build -t docker.io/falcosecurity/falco:${{ inputs.arch }}-${{ inputs.tag }} \
+          docker build -f docker/falco/Dockerfile -t docker.io/falcosecurity/falco:${{ inputs.arch }}-${{ inputs.tag }} \
             --build-arg VERSION_BUCKET=bin${{ inputs.bucket_suffix }} \
             --build-arg FALCO_VERSION=${{ inputs.version }} \
             --build-arg TARGETARCH=${TARGETARCH} \
@@ -53,8 +52,7 @@ jobs:
 
       - name: Build falco-debian image
         run: |
-          cd ${{ github.workspace }}/docker/falco-debian/
-          docker build -t docker.io/falcosecurity/falco:${{ inputs.arch }}-${{ inputs.tag }}-debian \
+          docker build -f docker/falco-debian/Dockerfile -t docker.io/falcosecurity/falco:${{ inputs.arch }}-${{ inputs.tag }}-debian \
             --build-arg VERSION_BUCKET=deb${{ inputs.bucket_suffix }} \
             --build-arg FALCO_VERSION=${{ inputs.version }} \
             --build-arg TARGETARCH=${TARGETARCH} \
@@ -63,8 +61,7 @@ jobs:
 
       - name: Build falco-driver-loader image
         run: |
-          cd ${{ github.workspace }}/docker/driver-loader/
-          docker build -t docker.io/falcosecurity/falco-driver-loader:${{ inputs.arch }}-${{ inputs.tag }} \
+          docker build -f docker/driver-loader/Dockerfile -t docker.io/falcosecurity/falco-driver-loader:${{ inputs.arch }}-${{ inputs.tag }} \
             --build-arg FALCO_IMAGE_TAG=${{ inputs.arch }}-${{ inputs.tag }} \
             --build-arg TARGETARCH=${TARGETARCH} \
             .
@@ -72,8 +69,7 @@ jobs:
 
       - name: Build falco-driver-loader-buster image
         run: |
-          cd ${{ github.workspace }}/docker/driver-loader-buster/
-          docker build -t docker.io/falcosecurity/falco-driver-loader:${{ inputs.arch }}-${{ inputs.tag }}-buster \
+          docker build -f docker/driver-loader-buster/Dockerfile -t docker.io/falcosecurity/falco-driver-loader:${{ inputs.arch }}-${{ inputs.tag }}-buster \
             --build-arg VERSION_BUCKET=deb${{ inputs.bucket_suffix }} \
             --build-arg FALCO_VERSION=${{ inputs.version }} \
             --build-arg TARGETARCH=${TARGETARCH} \
diff --git a/docker/driver-loader-buster/Dockerfile b/docker/driver-loader-buster/Dockerfile
index 24e96d99..051c5525 100644
--- a/docker/driver-loader-buster/Dockerfile
+++ b/docker/driver-loader-buster/Dockerfile
@@ -96,10 +96,8 @@ RUN curl -s https://falco.org/repo/falcosecurity-packages.asc | apt-key add - \
 	&& apt-get clean \
 	&& rm -rf /var/lib/apt/lists/*
 
-# Change the falco config within the container to enable ISO 8601
-# output.
-RUN sed -e 's/time_format_iso_8601: false/time_format_iso_8601: true/' < /etc/falco/falco.yaml > /etc/falco/falco.yaml.new \
-	&& mv /etc/falco/falco.yaml.new /etc/falco/falco.yaml
+# Change the falco config within the container to enable ISO 8601 output.
+ADD scripts/falco/falco_iso8601_timeformat.yaml /etc/falco/config.d/
 
 # Some base images have an empty /lib/modules by default
 # If it's not empty, docker build will fail instead of
diff --git a/docker/falco-debian/Dockerfile b/docker/falco-debian/Dockerfile
index d8288b1e..6a2d5f1c 100644
--- a/docker/falco-debian/Dockerfile
+++ b/docker/falco-debian/Dockerfile
@@ -26,6 +26,7 @@ RUN curl -s https://falco.org/repo/falcosecurity-packages.asc | apt-key add - \
 	&& apt-get clean \
 	&& rm -rf /var/lib/apt/lists/*
 
-RUN sed -i -e 's/time_format_iso_8601: false/time_format_iso_8601: true/' /etc/falco/falco.yaml
+# Change the falco config within the container to enable ISO 8601 output.
+ADD scripts/falco/falco_iso8601_timeformat.yaml /etc/falco/config.d/
 
 CMD ["/usr/bin/falco"]
diff --git a/docker/falco/Dockerfile b/docker/falco/Dockerfile
index 8868a3da..4a121705 100644
--- a/docker/falco/Dockerfile
+++ b/docker/falco/Dockerfile
@@ -28,7 +28,8 @@ RUN FALCO_VERSION_URLENCODED=$(echo -n ${FALCO_VERSION}|jq -sRr @uri) && \
     cp -r /falco/* / && \
     rm -rf /falco
 
-RUN sed -i -e 's/time_format_iso_8601: false/time_format_iso_8601: true/' /etc/falco/falco.yaml
+# Change the falco config within the container to enable ISO 8601 output.
+ADD scripts/falco/falco_iso8601_timeformat.yaml /etc/falco/config.d/
 
 # Falcoctl is not included here.
 RUN rm -rf /usr/bin/falcoctl /etc/falcoctl/
diff --git a/scripts/falco/falco_iso8601_timeformat.yaml b/scripts/falco/falco_iso8601_timeformat.yaml
new file mode 100644
index 00000000..20913450
--- /dev/null
+++ b/scripts/falco/falco_iso8601_timeformat.yaml
@@ -0,0 +1,2 @@
+# Enable iso 8601 time format on docker
+time_format_iso_8601: true
\ No newline at end of file