diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml
index ffeea55..c7aacdb 100644
--- a/.github/dependabot.yaml
+++ b/.github/dependabot.yaml
@@ -9,17 +9,52 @@ updates:
     reviewers:
       - "openkcm/go-maintainers"
     schedule:
-      interval: daily
+      interval: weekly
+    commit-message:
+      prefix: "fix"
+      include: "scope"
+    groups:
+      gomod-group:
+        applies-to: version-updates
+        patterns:
+          - "*"
+        update-types:
+          - "minor"
+          - "patch"
     open-pull-requests-limit: 5
   - package-ecosystem: docker
     directory: /
     reviewers:
       - "openkcm/go-maintainers"
     schedule:
-      interval: daily
+      interval: weekly
+    commit-message:
+      prefix: "fix"
+      include: "scope"
+    groups:
+      docker-group:
+        applies-to: version-updates
+        patterns:
+          - "*"
+        update-types:
+          - "minor"
+          - "patch"
+    open-pull-requests-limit: 5
   - package-ecosystem: "github-actions"
     directory: "/"
     reviewers:
       - "openkcm/go-maintainers"
     schedule:
-      interval: "daily"
\ No newline at end of file
+      interval: weekly
+    commit-message:
+      prefix: "fix"
+      include: "scope"
+    groups:
+      actions-group:
+        applies-to: version-updates
+        patterns:
+          - "*"
+        update-types:
+          - "minor"
+          - "patch"
+    open-pull-requests-limit: 5
\ No newline at end of file
diff --git a/.github/workflows/sonar.yaml b/.github/workflows/sonar.yaml
new file mode 100644
index 0000000..c5ddd95
--- /dev/null
+++ b/.github/workflows/sonar.yaml
@@ -0,0 +1,16 @@
+name: Sonar Analysis Secure
+
+on:
+  workflow_run:
+    workflows: ["Quality"]
+    types:
+      - completed
+
+permissions:
+  contents: read
+  statuses: write
+
+jobs:
+  check:
+    uses: openkcm/build/.github/workflows/sonar.yaml@main
+    secrets: inherit
\ No newline at end of file