diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 60762a16..35e4661b 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -32,7 +32,7 @@ concurrency:
 cancel-in-progress: true
 jobs:
- analyze:
+ scan:
 runs-on: ubuntu-latest
 timeout-minutes: 360
 permissions:
diff --git a/.github/workflows/qodana.yml b/.github/workflows/qodana.yml
index 46f2bb62..1912ecfb 100644
--- a/.github/workflows/qodana.yml
+++ b/.github/workflows/qodana.yml
@@ -21,7 +21,7 @@ concurrency:
 cancel-in-progress: true
 jobs:
- qodana:
+ scan:
 # Skip push event by dependabot to avoid permission issues.
 if: ${{ github.actor != 'dependabot[bot]' || github.event_name != 'push' }}
 runs-on: ubuntu-latest
@@ -41,7 +41,7 @@ jobs:
 key: ${{ runner.os }}-qodana-${{ github.ref }}-${{ hashFiles('**/*.csproj') }}
 restore-keys: |
 ${{ runner.os }}-qodana-${{ github.ref }}
- - name: 🔬 Qodana Scan
+ - name: 🔬 qodana scan
 uses: JetBrains/qodana-action@v2023.3
 with:
 pr-mode: false
@@ -54,7 +54,7 @@ jobs:
 additional-cache-key: ${{ runner.os }}-qodana-${{ github.ref }}
 env:
 QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}
- - name: 📊 Upload SARIF file for GitHub Advanced Security Dashboard
+ - name: 📊 upload sarif file for GitHub Advanced Security Dashboard
 uses: github/codeql-action/upload-sarif@v3
 with:
 sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json
diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
index 2b19aff3..8d27b249 100644
--- a/.github/workflows/semgrep.yml
+++ b/.github/workflows/semgrep.yml
@@ -23,10 +23,14 @@ concurrency:
 cancel-in-progress: true
 jobs:
- semgrep:
- # Skip push event by dependabot to avoid permission issues.
- if: ${{ github.actor != 'dependabot[bot]' || github.event_name != 'push' }}
+ scan:
+ # Skip any PR created by dependabot to avoid permission issues:
+ if: ${{ github.actor != 'dependabot[bot]' }}
 runs-on: ubuntu-latest
+ permissions:
+ contents: write
+ checks: write
+ security-events: write
 container:
 # A Docker image with Semgrep installed. Do not change this.
 image: semgrep/semgrep
@@ -35,11 +39,11 @@ jobs:
 uses: actions/checkout@v4
 with:
 fetch-depth: 0
- - name: 🔬 Semgrep Scan
+ - name: 🔬 semgrep scan
 run: semgrep ci --sarif > semgrep.sarif
 env:
 SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
- - name: 📊 Upload SARIF file for GitHub Advanced Security Dashboard
+ - name: 📊 upload sarif file for GitHub Advanced Security Dashboard
 uses: github/codeql-action/upload-sarif@v3
 with:
 sarif_file: semgrep.sarif
diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml
index 1fa3635f..6908d89b 100644
--- a/.github/workflows/snyk.yml
+++ b/.github/workflows/snyk.yml
@@ -23,7 +23,7 @@ concurrency:
 cancel-in-progress: true
 jobs:
- snyk:
+ scan:
 runs-on: ubuntu-latest
 permissions:
 actions: read
@@ -50,7 +50,7 @@ jobs:
 with:
 args: --file=src/Objectivity.AutoFixture.XUnit2.AutoMock.sln
 command: monitor
- - name: 📊 upload SARIF file for GitHub Advanced Security Dashboard
+ - name: 📊 upload sarif file for GitHub Advanced Security Dashboard
 uses: github/codeql-action/upload-sarif@v3
 with:
 sarif_file: snyk.sarif
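Review bot: The new `permissions` block in the first semgrep hunk grants `contents: write` although none of the visible steps writes to the repository — `actions/checkout` needs only read access and the `upload-sarif` step is covered by `security-events: write` — so the job token is broader than least privilege calls for; change the line to `contents: read`. `checks: write` is likewise not required by any step shown in this hunk or the next one, so it should be dropped unless the Semgrep app-token flow depends on it, which cannot be verified from here. The new comment says the condition skips dependabot PRs, but `github.actor != 'dependabot[bot]'` skips every event triggered by that actor, pushes included, so the comment should read `# Skip any event triggered by dependabot to avoid permission issues:`. The job-id renames to `scan` here and in the codeql, qodana and snyk hunks change the check-run names, so any required status check keyed on the old ids would need updating.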