SonarQube has become a leading open source platform for managing Java code quality. It aims to democratize access to code quality management by covering quality, security, and architecture aspects. For security, Sonar currently relies on rules that detect vulnerabilities, but it cannot group these rules by category. Users can use the Security Rules Plugin or search manually for the available security rules, which include detection of SQL injection vulnerabilities, password management issues, error handling flaws, insecure direct object references, and more. To expand the existing rule set, users are encouraged to create Jira tickets requesting new security-related features. SonarQube's goal is to provide a comprehensive platform for identifying and addressing security vulnerabilities in Java code.