Security scans section appears on the repository detail page.
Where to configure
Security scans are configured underRepositories, which requires a Workspace admin (platform admins also have access). Open the target repository and find the Security scans section.

- enable or disable recurring scans;
- choose the scan interval;
- start an on-demand scan when allowed;
- open the latest result;
- track the vulnerability count, affected packages, and worst severity.
What appears in the result
A scan result can include:| Information | Purpose |
|---|---|
| affected package | dependency with a known vulnerability |
| current version | version detected in the repository |
| fixed version | recommended version when available |
| severity | remediation priority |
| advisory | public vulnerability reference |
| affected paths | where the dependency appears |
How to enable
On-demand scans
When on-demand scans are available, use one to validate a fix, review a newly connected repository, or investigate an alert. For automations, use API keys with:SecurityScans.Readto list and retrieve results;SecurityScans.Writeto start scans.
Common limitations
A scan might not run when:- the repository is not ready yet;
- the linked credential lost permission;
- the provider does not support the required action;
- the repository does not contain recognized dependency manifests;
- another scan is already running for the same repository.
Audit Trail to investigate.