The security alerts enable you to review which vulnerabilities were detected in your projects' libraries. You can select in which scope to see the the alerts - the whole organization, a specific product, or specific project, all according to your role. You can also choose the time period for the alerts, for example, last three months or six months.
...
When performing any manual change to an alert's status, you can add optional free-text comments to log your changes with the relevant details for future reference. The comments will appear in the changelog report, and also when hovering over the alert’s status in the alerts screen.
If the application identified any changes causing the alerts to be no longer relevant (for example, a library was upgraded to a newer version without the previous version's vulnerabilities), the application will change the alerts' status to resolved. It is important to note that you can use the alerts' statuses to better filter reports.
...