The security analysis runs on the following events :-

1. First full analysis when you connect your repository for the first time

2. Push event on your repository - we analyze the changes only for every push

3. Pull requests / Merge requests - we analyze the changes that will be merged.