Company
Date Published
Author
Thomas Olivier
Word count
507
Language
English
Hacker News points
None

Summary

SonarCloud has integrated with GitHub's code scanning feature, so developers can review the list of security vulnerabilities directly within the GitHub interface for public and private repositories, independently of their SonarCloud plan. The integration takes a developer-first approach to finding security vulnerabilities before they reach production: developers can review and prioritize vulnerabilities during their normal code review process. Code scanning alerts are available at the repository level and within pull requests, and false positives can be dismissed with just two clicks, with issue status synchronized instantly between SonarCloud and GitHub. The feature is free for public projects and available for private repositories as part of the Advanced Security package, giving teams better security oversight so that vulnerabilities are caught before they reach production.