We are using SonarQube in our Production AWS pipeline.
Edition - Community
version - 8.9 LTS
does this above edition & version of SonarQube covers below security compliance
“Implement secure coding practice consistent with industry standards and best practices for new development activities, including without limitation, the Security Considerations in the System Development Life Cycle (SDLC) published by the National Institute of Standards and Technology, the U.S. Department of Commerce; ISO/IEC 27034 Information technology – Security techniques – Applications security, published by the International Organization for Standardization and Security by Design from Cyber Security Agency of Singapore throughout the SDLC.”