The security alerts enable you to review which vulnerabilities were detected in your projects' libraries. You can select in which scope to see the the alerts - the whole organization, a specific product, or specific project, all according to your role. You can also choose the time period for the alerts, for example, last three months or six months.
...
When performing any manual change to an alert's status, you can add optional free-text comments (up to 255 characters) to log your changes with the relevant details for future reference. The comments will appear in the changelog report, and also when hovering over the alert’s status in the alerts screen.
...