Your team is using Google Cloud Build for CI/CD pipelines and wants to ensure the codebase is free from known security issues. You need a solution that scans your source code for any vulnerabilities as part of the automated pipeline. What action should you take?