SonarQube integration
You can integrate API Security Audit with SonarQube to get audit reports on your OpenAPI files published directly part of your quality monitoring in SonarQube. As SonarQube itself is often triggered from your build server or CI/CD pipeline, this automates checking the quality of the OpenAPI definitions in your project and mitigates potential security issues. Any new files or changes that developers push to the repository are continuously audited.
For more details and to get the plugin, see CI/CD Tools.