{"id":9451,"date":"2026-07-08T08:47:39","date_gmt":"2026-07-08T06:47:39","guid":{"rendered":"https:\/\/www.almtoolbox.com\/blog\/?p=9451"},"modified":"2026-07-13T11:36:10","modified_gmt":"2026-07-13T09:36:10","slug":"sonarqube-sca-sast-case-study-luxury-car","status":"publish","type":"post","link":"https:\/\/www.almtoolbox.com\/blog\/sonarqube-sca-sast-case-study-luxury-car\/","title":{"rendered":"Customer Story: How a Global Luxury Automaker Controlled Unexpected Code Risks with SonarQube SCA and SAST"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">The Challenge: Unexpected Security Risks, Low Visibility, and Delivery Disruptions<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Recently, a significant shift in the industry has increased complexity for engineering leadership: rapid growth in the complexity of the software supply chain, a steady rise in newly reported CVEs, and growing expectations for transparency and governance.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Dependency risk was no longer just a technical issue &#8211; it became a strategic threat to customer trust and delivery velocity.\u00a0<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" src=\"https:\/\/www.almtoolbox.com\/blog_he\/wp-content\/uploads\/2026\/06\/sonar-case-study.webp\" alt=\"Global Luxury Automaker sonarqube sast sca\" class=\"wp-image-13886\"\/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">Similar to many modern development organizations, the team faced challenges of hidden dependency risks in complex build processes, unpredictable delivery pipelines, and persistent gaps in portfolio-level vulnerability visibility.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Their internally developed Software Composition Analysis (SCA) tool supported SBOM generation and identified known open-source vulnerabilities. However, as their dependency trees deepened and post-build threats emerged, the limitations became clear:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>It was almost impossible to track transitive (indirect) dependencies.&nbsp;<\/li>\n\n\n\n<li>Newly discovered vulnerabilities led to sudden and unpredictable build failures.&nbsp;<\/li>\n\n\n\n<li>Management struggled to obtain real-time insights across the entire portfolio, leading to time-consuming manual audits.&nbsp;<\/li>\n\n\n\n<li>Security and platform teams identified these &#8220;blind spots&#8221; as the &#8220;biggest pain point&#8221; in their governance model.&nbsp;<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">The accumulation of vulnerabilities forces an urgent modernization of governance:<br>For years, the organization maintained the status quo until mounting risks created a tipping point. Vulnerabilities discovered post-build exposed business-critical pipelines. Unplanned downtime caused missed target dates, and developers dedicated significant time to manual triage, slowing down team progress.<br>&#8220;They needed to know, instantly and at scale, where they were exposed &#8211; and what was most important,&#8221; explained an engineering director.\u00a0<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">And so began the search for a solution built to address velocity, scale, and cross-team collaboration around governance and security.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">SonarQube Advanced Security Provides Immediate Portfolio Coverage&nbsp;<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The technology team at the global luxury automaker chose SonarQube Advanced Security to modernize their SCA workflows. The transition, which spanned hundreds of projects, was described by engineers as &#8220;as easy as it gets.&#8221; No custom configuration was required, and scan speeds outperformed their previous tools, saving time and reducing manual overhead. Engineers highlighted SonarQube as a &#8220;huge timesaver,&#8221; freeing up development and security resources for higher-impact work. Onboarding was straightforward and clear, scaling easily across projects.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Three SonarQube Advanced Security Capabilities Driving Secure and Predictable Software Delivery:&nbsp;<\/h2>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Exploit-aware risk prioritization<\/strong>:<br>Rather than relying solely on CVSS scores, SonarQube&#8217;s SCA risk signals integrate sources like the CISA Known Exploited Vulnerabilities list and EPSS scores. This allows teams to prioritize remediation for vulnerabilities with known exploits, accelerating response to those posing a real-world threat.&nbsp;<\/li>\n\n\n\n<li><strong>Actionable Triage Process<\/strong>:<br>SonarQube&#8217;s intuitive dashboard provides rich context for vulnerabilities, even for deeply nested dependencies. Engineers noted, &#8220;The dashboard made everything clear. We could understand the problem right down to the specific library affected and act with confidence.&#8221; Real-time unified reports replaced manual exposure mapping across the portfolio. SonarQube&#8217;s unique data also includes deeper reviews of CVEs to deliver actionable guidance, directly from Sonar\u2019s contractual partnership with open-source maintainers. This human-curated intelligence significantly reduces the &#8220;noise&#8221; often associated with dependency scanning.\u00a0<br><p><em>A full demonstration of the dashboard is available (contact us &#8211; details below).<\/em><\/p><\/li>\n\n\n\n<li><strong>Stable and Predictable Pipelines<\/strong>:<br>Importantly, SCA findings have now been separated from quality gates.<br>In the past, newly discovered vulnerabilities could automatically fail builds; SonarQube allows teams to remediate at their own pace, preventing surprise failures and improving delivery consistency.<\/li>\n<\/ol>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>The Result:<\/strong> Governance and Compliance scaled across applications using a unified SBOM and intelligent SCA.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">With SonarQube Advanced Security, the organization standardized SBOMs and SCA intelligence across applications and shared services, uniting code quality and security into a single workflow. Managers can now handle license compliance, monitor vulnerability exposure, and enforce code quality standards through quality gates and SCA dashboards. Platform and AppSec teams report reduced developer toil, improved velocity, and a repeatable framework for incident response. Their transformation highlights actionable insights, developer empowerment, and measurable business impact at scale.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">What\u2019s Next: Preparing for Next-Generation Governance and Closing Remaining Security Blind Spots<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The next step involves addressing remaining governance gaps. With portfolio- and application-level component searching coming soon to SonarQube, management will gain the unified, cross-project visibility they need, turning &#8220;blind spots&#8221; into best practices.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">By implementing SonarQube Advanced Security, this global luxury automaker achieved scalable governance, a developer-centric approach, and alignment with the velocity and risk requirements of modern software development. This journey offers a practical blueprint for any Platform or AppSec leader looking to modernize code security while maintaining speed and control.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Summary:&nbsp;<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">&#8220;<em>The dashboard (of SonarQube) made everything clear. We could understand the problem right down to the specific library affected and act with confidence.<\/em>&#8221; <em>(<\/em>Development Team Engineer<em>)<\/em>&nbsp;<\/p>\n\n\n\n<div style=\"height:10px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<h4 class=\"wp-block-heading has-background\" style=\"background-color:#ebf6ff\">We officially represent Sonar solutions and offer licenses, consulting, support and training.<br>For more details, contact us:&nbsp;<a href=\"mailto:sonar@almtoolbox.com\" target=\"_blank\" rel=\"noreferrer noopener\">sonar@almtoolbox.com<\/a>&nbsp;or call us: 866-503-1471 (USA \/ Canada) or +31 85 064 4633<\/h4>\n\n\n\n<div style=\"height:17px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A customer story on using SonarQube to detect third-party vulnerabilities (SCA) as well as vulnerabilities in human- and AI-written code (SAST static code analysis) and improve quality.<\/p>\n","protected":false},"author":9,"featured_media":9450,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[65,614,347],"tags":[434,849,433,559,846,847,848],"class_list":["post-9451","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-case-study","category-sonar","category-sonarqube","tag-code-quality","tag-customer-story","tag-sonar","tag-sonarqube-advanced-security","tag-sonarqube-quality","tag-sonarqube-sast","tag-success-story-2"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Customer Story: How a Global Luxury Automaker Controlled Unexpected Code Risks with SonarQube SCA and SAST - ALMtoolbox News<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.almtoolbox.com\/blog\/sonarqube-sca-sast-case-study-luxury-car\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Customer Story: How a Global Luxury Automaker Controlled Unexpected Code Risks with SonarQube SCA and SAST - ALMtoolbox News\" \/>\n<meta property=\"og:description\" content=\"A customer story on using SonarQube to detect third-party vulnerabilities (SCA) as well as vulnerabilities in human- and AI-written code (SAST static code analysis) and improve quality.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.almtoolbox.com\/blog\/sonarqube-sca-sast-case-study-luxury-car\/\" \/>\n<meta property=\"og:site_name\" content=\"ALMtoolbox News\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/almtoolbox.israel\/\" \/>\n<meta property=\"article:published_time\" content=\"2026-07-08T06:47:39+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-07-13T09:36:10+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.almtoolbox.com\/blog\/wp-content\/uploads\/\/2026\/07\/sonar-case-study.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"436\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"Noa Harel\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Noa Harel\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/sonarqube-sca-sast-case-study-luxury-car\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/sonarqube-sca-sast-case-study-luxury-car\\\/\"},\"author\":{\"name\":\"Noa Harel\",\"@id\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/#\\\/schema\\\/person\\\/a7d03132957d034fc2fc5454501a204a\"},\"headline\":\"Customer Story: How a Global Luxury Automaker Controlled Unexpected Code Risks with SonarQube SCA and SAST\",\"datePublished\":\"2026-07-08T06:47:39+00:00\",\"dateModified\":\"2026-07-13T09:36:10+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/sonarqube-sca-sast-case-study-luxury-car\\\/\"},\"wordCount\":821,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/sonarqube-sca-sast-case-study-luxury-car\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/wp-content\\\/uploads\\\/\\\/2026\\\/07\\\/sonar-case-study.webp\",\"keywords\":[\"code quality\",\"customer story\",\"Sonar\",\"SonarQube Advanced Security\",\"sonarqube quality\",\"sonarqube sast\",\"success story\"],\"articleSection\":[\"Case Study\",\"Sonar\",\"SonarQube\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/sonarqube-sca-sast-case-study-luxury-car\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/sonarqube-sca-sast-case-study-luxury-car\\\/\",\"url\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/sonarqube-sca-sast-case-study-luxury-car\\\/\",\"name\":\"Customer Story: How a Global Luxury Automaker Controlled Unexpected Code Risks with SonarQube SCA and SAST - ALMtoolbox News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/sonarqube-sca-sast-case-study-luxury-car\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/sonarqube-sca-sast-case-study-luxury-car\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/wp-content\\\/uploads\\\/\\\/2026\\\/07\\\/sonar-case-study.webp\",\"datePublished\":\"2026-07-08T06:47:39+00:00\",\"dateModified\":\"2026-07-13T09:36:10+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/sonarqube-sca-sast-case-study-luxury-car\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/sonarqube-sca-sast-case-study-luxury-car\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/sonarqube-sca-sast-case-study-luxury-car\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/wp-content\\\/uploads\\\/\\\/2026\\\/07\\\/sonar-case-study.webp\",\"contentUrl\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/wp-content\\\/uploads\\\/\\\/2026\\\/07\\\/sonar-case-study.webp\",\"width\":800,\"height\":436},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/sonarqube-sca-sast-case-study-luxury-car\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Customer Story: How a Global Luxury Automaker Controlled Unexpected Code Risks with SonarQube SCA and SAST\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/\",\"name\":\"ALMtoolbox News\",\"description\":\"All the news of ALMtoolbox\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/#organization\",\"name\":\"ALMtoolbox\",\"url\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/wp-content\\\/uploads\\\/\\\/2015\\\/10\\\/logo.png\",\"contentUrl\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/wp-content\\\/uploads\\\/\\\/2015\\\/10\\\/logo.png\",\"width\":410,\"height\":190,\"caption\":\"ALMtoolbox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/almtoolbox.israel\\\/\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/almtoolbox\\\/\",\"https:\\\/\\\/www.youtube.com\\\/user\\\/GoMidjets\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.almtoolbox.com\\\/blog\\\/#\\\/schema\\\/person\\\/a7d03132957d034fc2fc5454501a204a\",\"name\":\"Noa Harel\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/3ac19cddc8dc6e7e817cf650b22399303e8b6dd585bc90e4606b28ec87ef1943?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/3ac19cddc8dc6e7e817cf650b22399303e8b6dd585bc90e4606b28ec87ef1943?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/3ac19cddc8dc6e7e817cf650b22399303e8b6dd585bc90e4606b28ec87ef1943?s=96&d=mm&r=g\",\"caption\":\"Noa Harel\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Customer Story: How a Global Luxury Automaker Controlled Unexpected Code Risks with SonarQube SCA and SAST - ALMtoolbox News","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.almtoolbox.com\/blog\/sonarqube-sca-sast-case-study-luxury-car\/","og_locale":"en_US","og_type":"article","og_title":"Customer Story: How a Global Luxury Automaker Controlled Unexpected Code Risks with SonarQube SCA and SAST - ALMtoolbox News","og_description":"A customer story on using SonarQube to detect third-party vulnerabilities (SCA) as well as vulnerabilities in human- and AI-written code (SAST static code analysis) and improve quality.","og_url":"https:\/\/www.almtoolbox.com\/blog\/sonarqube-sca-sast-case-study-luxury-car\/","og_site_name":"ALMtoolbox News","article_publisher":"https:\/\/www.facebook.com\/almtoolbox.israel\/","article_published_time":"2026-07-08T06:47:39+00:00","article_modified_time":"2026-07-13T09:36:10+00:00","og_image":[{"width":800,"height":436,"url":"https:\/\/www.almtoolbox.com\/blog\/wp-content\/uploads\/\/2026\/07\/sonar-case-study.webp","type":"image\/webp"}],"author":"Noa Harel","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Noa Harel","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.almtoolbox.com\/blog\/sonarqube-sca-sast-case-study-luxury-car\/#article","isPartOf":{"@id":"https:\/\/www.almtoolbox.com\/blog\/sonarqube-sca-sast-case-study-luxury-car\/"},"author":{"name":"Noa Harel","@id":"https:\/\/www.almtoolbox.com\/blog\/#\/schema\/person\/a7d03132957d034fc2fc5454501a204a"},"headline":"Customer Story: How a Global Luxury Automaker Controlled Unexpected Code Risks with SonarQube SCA and SAST","datePublished":"2026-07-08T06:47:39+00:00","dateModified":"2026-07-13T09:36:10+00:00","mainEntityOfPage":{"@id":"https:\/\/www.almtoolbox.com\/blog\/sonarqube-sca-sast-case-study-luxury-car\/"},"wordCount":821,"commentCount":0,"publisher":{"@id":"https:\/\/www.almtoolbox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.almtoolbox.com\/blog\/sonarqube-sca-sast-case-study-luxury-car\/#primaryimage"},"thumbnailUrl":"https:\/\/www.almtoolbox.com\/blog\/wp-content\/uploads\/\/2026\/07\/sonar-case-study.webp","keywords":["code quality","customer story","Sonar","SonarQube Advanced Security","sonarqube quality","sonarqube sast","success story"],"articleSection":["Case Study","Sonar","SonarQube"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.almtoolbox.com\/blog\/sonarqube-sca-sast-case-study-luxury-car\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.almtoolbox.com\/blog\/sonarqube-sca-sast-case-study-luxury-car\/","url":"https:\/\/www.almtoolbox.com\/blog\/sonarqube-sca-sast-case-study-luxury-car\/","name":"Customer Story: How a Global Luxury Automaker Controlled Unexpected Code Risks with SonarQube SCA and SAST - ALMtoolbox News","isPartOf":{"@id":"https:\/\/www.almtoolbox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.almtoolbox.com\/blog\/sonarqube-sca-sast-case-study-luxury-car\/#primaryimage"},"image":{"@id":"https:\/\/www.almtoolbox.com\/blog\/sonarqube-sca-sast-case-study-luxury-car\/#primaryimage"},"thumbnailUrl":"https:\/\/www.almtoolbox.com\/blog\/wp-content\/uploads\/\/2026\/07\/sonar-case-study.webp","datePublished":"2026-07-08T06:47:39+00:00","dateModified":"2026-07-13T09:36:10+00:00","breadcrumb":{"@id":"https:\/\/www.almtoolbox.com\/blog\/sonarqube-sca-sast-case-study-luxury-car\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.almtoolbox.com\/blog\/sonarqube-sca-sast-case-study-luxury-car\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.almtoolbox.com\/blog\/sonarqube-sca-sast-case-study-luxury-car\/#primaryimage","url":"https:\/\/www.almtoolbox.com\/blog\/wp-content\/uploads\/\/2026\/07\/sonar-case-study.webp","contentUrl":"https:\/\/www.almtoolbox.com\/blog\/wp-content\/uploads\/\/2026\/07\/sonar-case-study.webp","width":800,"height":436},{"@type":"BreadcrumbList","@id":"https:\/\/www.almtoolbox.com\/blog\/sonarqube-sca-sast-case-study-luxury-car\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.almtoolbox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Customer Story: How a Global Luxury Automaker Controlled Unexpected Code Risks with SonarQube SCA and SAST"}]},{"@type":"WebSite","@id":"https:\/\/www.almtoolbox.com\/blog\/#website","url":"https:\/\/www.almtoolbox.com\/blog\/","name":"ALMtoolbox News","description":"All the news of ALMtoolbox","publisher":{"@id":"https:\/\/www.almtoolbox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.almtoolbox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.almtoolbox.com\/blog\/#organization","name":"ALMtoolbox","url":"https:\/\/www.almtoolbox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.almtoolbox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.almtoolbox.com\/blog\/wp-content\/uploads\/\/2015\/10\/logo.png","contentUrl":"https:\/\/www.almtoolbox.com\/blog\/wp-content\/uploads\/\/2015\/10\/logo.png","width":410,"height":190,"caption":"ALMtoolbox"},"image":{"@id":"https:\/\/www.almtoolbox.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/almtoolbox.israel\/","https:\/\/www.linkedin.com\/company\/almtoolbox\/","https:\/\/www.youtube.com\/user\/GoMidjets"]},{"@type":"Person","@id":"https:\/\/www.almtoolbox.com\/blog\/#\/schema\/person\/a7d03132957d034fc2fc5454501a204a","name":"Noa Harel","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/3ac19cddc8dc6e7e817cf650b22399303e8b6dd585bc90e4606b28ec87ef1943?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/3ac19cddc8dc6e7e817cf650b22399303e8b6dd585bc90e4606b28ec87ef1943?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/3ac19cddc8dc6e7e817cf650b22399303e8b6dd585bc90e4606b28ec87ef1943?s=96&d=mm&r=g","caption":"Noa Harel"}}]}},"_links":{"self":[{"href":"https:\/\/www.almtoolbox.com\/blog\/wp-json\/wp\/v2\/posts\/9451","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.almtoolbox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.almtoolbox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.almtoolbox.com\/blog\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/www.almtoolbox.com\/blog\/wp-json\/wp\/v2\/comments?post=9451"}],"version-history":[{"count":4,"href":"https:\/\/www.almtoolbox.com\/blog\/wp-json\/wp\/v2\/posts\/9451\/revisions"}],"predecessor-version":[{"id":9464,"href":"https:\/\/www.almtoolbox.com\/blog\/wp-json\/wp\/v2\/posts\/9451\/revisions\/9464"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.almtoolbox.com\/blog\/wp-json\/wp\/v2\/media\/9450"}],"wp:attachment":[{"href":"https:\/\/www.almtoolbox.com\/blog\/wp-json\/wp\/v2\/media?parent=9451"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.almtoolbox.com\/blog\/wp-json\/wp\/v2\/categories?post=9451"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.almtoolbox.com\/blog\/wp-json\/wp\/v2\/tags?post=9451"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}