You can use security overview to see how CodeQL is performing in pull requests for repositories across your organizations, and to identify repositories where you may need to take action.| GitHub Docs
You can use rulesets to set code scanning merge protection for pull requests.| GitHub Docs
When code scanning identifies a problem in a pull request, you can review the highlighted code and resolve the alert.| GitHub Docs
From the security view, you can view, fix, or dismiss alerts for potential vulnerabilities or errors in your project's code.| GitHub Docs
GitHub provides a variety of tools you can use to audit and monitor actions taken in response to security alerts.| GitHub Docs
Quickly set up code scanning to find and fix vulnerable code automatically.| GitHub Docs
You can configure advanced setup for a repository to find security vulnerabilities in your code using a highly customizable code scanning configuration.| GitHub Docs
Rulesets help you to control how people can interact with branches and tags in a repository.| GitHub Docs
Common Vulnerability Scoring System v3.1: Specification Document| FIRST — Forum of Incident Response and Security Teams