This section shows you how to integrate the Kiuwan Visual Studio Extension (Kiuwan IDE Plug-In) into Microsoft Visual Studio. 

The Kiuwan Visual Studio Extension is available only in Viewer Mode and supported for Visual Studio 2015 and 2017.


Contents

Kiuwan IDE Plug-In

Kiuwan allows for a true shift-left approach by integrating with all the main IDEs.

Kiuwan for Developers is a plug-in for development IDEs that facilitates and automates compliance with security normatives, quality standards and best practices for several languages.

It provides the following benefits:

  • Security Vulnerabilities Detection - The plug-in allows developers to detect and fix security vulnerabilities, such as Injection (SQL, XML, OS, etc), XSS, CSRF, etc., directly within their development IDEs.
  • Adoption of Security and Coding Standards - The plug-in helps to ensure compliance to standards (CWE, OWASP, CERT-Java/C/C++, SANS-Top25, WASC, PCI-DSS, NIST, MISRA, BIZEC, ISO/IEC 25000 and ISO/IEC 9126) by automating the work. This plug-in connects with Kiuwan and harnesses the power of its quality models to prevent errors and automatically standardize the code.
  • Automatic Error Prevention - The plug-in implements and monitors compliance to coding standards at the time the code is entered. Thus you can avoid errors and reduce the time and cost of debugging and testing activities.

The Kiuwan IDE Plug-in monitors and reports on the security, quality, and efficiency of your code at the point that it is written. This immediate feedback provides you with the opportunity to improve your code before it is delivered.

Installation

First, configure the Kiuwan Gallery to download the Kiuwan VS Extension from Kiuwan. 

  1. In Visual Studio, go to Tools > Options


  2. Open Environment >> Extension and Updates and Add a new one using the following URLs:
    1. For Visual Studio 2015 - 2019: https://static.kiuwan.com/download/vsgallery/atom.xml
    2. For Visual Studio 2022: https://static.kiuwan.com/download/vsgallery2022/atom.xml


  3. After Apply and OK, go to Tools > Extensions and Updates..


  4. Select Online > Kiuwan Gallery 


  5. Click Download. Then, you need to close Visual Studio to finish the installation.


  6. Click Modify and the Kiuwan Extension is downloaded and installed.

Configuration

Connect to Kiuwan

After installation, you need to configure the Kiuwan Extension to connect to Kiuwan. Please, remember that you need to have a valid Kiuwan Account.

InstructionsImage

Go to Tools > Options and select Kiuwan for Visual Studio > Connection properties

Proxy settings

If you are using a proxy, please configure Proxy Settings.

Click Check credentials before applying the changes with OK.

Map your VS Project to Kiuwan Application

After the installation, you are ready to map your VS project to a Kiuwan application.

This action allows you to synchronizing defects and vulnerabilities found by Kiuwan in your source code, getting them ready for fixing.

To map your VS project to Kiuwan, right-click on your project and select Kiuwan Project Properties.

A dialog opens with a combination of available applications where you can select the application that matches your project in the Kiuwan account.

Kiuwan Defects List

Once mapped, go to View > Other Windows > Kiuwan Defects Window to open the Kiuwan Defects List.

You can also open the Kiuwan Defects List by clicking on the Kiuwan icon  in the Solution Explorer toolbar

  


The Kiuwan Defect List window will appear docked to your VS layout. Double-clicking on a defect will open the file and highlight the line of the defect.


In case the selected defect is a injection vulnerability, you can see the Propagation Path at the Properties tab
Right-click a defect for two options: 

  1. Mark the defect as reviewed
  2. Open a browser window to see information about the rule (please use the same credentials as those configured in Connection Properties).



Refreshing Defects List

To be sure you are working on the latest list of defects found by Kiuwan, you need to manually refresh the defect list.Click the  icon to update the Kiuwan Defects List to the latest content of the Kiuwan servers.

Configuring the Contents of  Defects List

Click the  icon to configure the Contents of Kiuwan Defects List.


Configuring the Filters of  Defects List

Click the icon to configure Filters in the Kiuwan Defect List.

Support and Troubleshooting 

If you experience problems with the Kiuwan extension for Visual Studio, you can read the Kiuwan Documentation to find a solution, or if you prefer you can collect troubleshooting information and send it to us. Visit Contact Kiuwan Technical Support to learn how to contact us. We will address your problem as soon as possible.


  • No labels