SonarQube is a code quality tool that provides transparent and accessible code analysis, but in its default configuration an instance can be compromised by unauthorized access. To address this issue, SonarQube has introduced various security features since version 1.12, allowing users to secure their instances with forced login, project isolation, and role-based access control. These functionalities enable organizations to implement robust enterprise security policies without compromising the transparency of SonarQube for non-activated users. The security policy is based on user, group, and role concepts, which can be customized through the web interface, with OpenLDAP or Microsoft Active Directory usable as external authentication engines.