Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Introduction

...

This page describes the Kiuwan IDE Plug-In. 

Contents

Children Display

 

Excerpt

Kiuwan IDE Plug-In

Kiuwan allows for a true shift-left approach by integrating with all the main IDEs.

Kiuwan for Developers is a plug-in for

...

development IDEs that facilitates and automates compliance with security normatives, quality standards and best practices for several languages.

It provides the following benefits:

...

  • Security Vulnerabilities Detection - The plug-in allows developers to detect and fix security vulnerabilities, such as Injection (SQL, XML, OS, etc), XSS, CSRF, etc., directly within their development IDEs.
  • Adoption of Security and Coding Standards - The plug-in helps to ensure compliance to standards (CWE, OWASP, CERT-Java/C/C++, SANS-Top25, WASC, PCI-DSS, NIST, MISRA, BIZEC, ISO/IEC 25000 and ISO/IEC 9126) by automating the work. This plug-in connects with Kiuwan and harnesses the power of its quality models to prevent errors and automatically

...

  • standardize the code.

...

  • Automatic Error Prevention - The plug-in implements and monitors compliance to coding standards at the time the code is entered. Thus you can avoid errors and reduce the time and cost of debugging and testing activities.

The Kiuwan IDE Plug-in monitors and reports on the security, quality, and efficiency of your code at the point that it is written. This immediate feedback provides you with the opportunity to improve your code before it is delivered.

Installation

 

Info

Kiuwan for Developers requires Java 8 or above —either JDK or JRE— is required.

You may download it from http://www.oracle.com/technetwork/java/javase/downloads/index.html.

Please visit Java 8 and JAVA_HOME for further info

 

To install Kiuwan for Developers just follow the steps below:

  1. Open Eclipse and, in the main menu, click on Help >> Install New Software...
  2. Select the Add... option and type the following values:
    1. Name: Kiuwan
    2. Location: https://www.kiuwan.com/pub/updatesite
  3. Pressing Ok will save this new update site and Eclipse will query our server to retrieve available features and plugins
  4. The Kiuwan for Developers feature will appear in the list below, check it and click on Next >
  5. Read and accept our Terms of Use
  6. Accept the certificate used to sign our product
  7. When the installation finishes and Eclipse asks to restart the IDE, please do so

 

Image Removed

 

Image Removed

 

If installation successfully completes, Kiuwan for Developers will be up and running upon restart!

The Welcome view will be shown with a new addition on top, Kiuwan for developers, which links with the Quick Start Guide integrated in the IDE. If you closed this view accidentally, you might open it again through Help >> Welcome.

The Quick Start Guide will help you:

  1. Configure your Kiuwan account and check that there are no problems with your connection and permissions.
  2. Add the Kiuwan Nature to the projects you want to analyze.
  3. Learn how and when Kiuwan for Developers analyze your sources.
  4. Learn about the views that display your analyses results.

Image Removed

Updates

Kiuwan for Developers checks automatically for updates on Eclipse startup and on a daily basis after that. If you need to check it manually, you can do so through the standard Eclipse mechanisms, or by simply going to Window >> Preferences >> Kiuwan and pressing the Check for updates button.

Support

If you experience problems with the Kiuwan plugin for Eclipse, you can read our documentation to try to fix it yourself, or if you prefer you can collect troubleshooting information and send it to us.

Context-sensitive help

A focused set of help topics that is related to the current context can be shown to users on demand using context-sensitive help. This form of user assistance is delivered to users when a platform-specific trigger is activated (e.g. F1 key on Windows, Ctrl+F1 on GTK, Help key on Carbon). Some contexts where help is available are preferences dialogs, project properties dialogs or views.

Troubleshooting

Important information for troubleshooting is scatered across several log and configuration files. To make this process easier to you, just go to Window >> Preferences >> Kiuwan >> Support and press the Extract support data button. Choose the folder where you want to save this information, and submit to our technical support team the compressed file generated there. 

See Troubleshooting on how to contact us. We will address your problem as soon as possible.

 

 

 

Working modes 

The Kiuwan IDE Plug-In can work in two different modes:

  • Analyzer mode

It allows you to analyze your application source code directly within (and fully integrated into) your IDE. You can analyze the whole project (or just some specific files), then review the detected vulnerabilities and defects, fix them and re-analyze, without exiting your IDE.

  • Remote Viewer mode

The plug-in also lets you "download" the vulnerabilities and defects stored in Kiuwan (in the last Baseline, or in a specific Delivery, or even the issues to be fixed according to a defined Action Plan). This way, you can go directly to the issues you must fix, just double-click on the defects and go directly to the offending line of code.


By using both modes, you can get a comprehensive understanding of:

  • the server view of the application, and 
  • your local view of the defects according to the changes you are making to the source code

 

Info

Analyzer and Remote Viewer modes are separately licensed.

Please check your Kiuwan License to see available modes.

 

Supported IDEs 

The Kiuwan IDE Plug-In is available for following IDEs:

For others IDEs and versions, please contact Kiuwan Technical Support