Versions Compared

Old Version 9

changes.mady.by.user Kiuwan Editor User

Saved on

compared with

New Version 13

changes.mady.by.user Giulia di Pietro

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

This section will show you how to integrate the Kiuwan Visual Studio Extension (Kiuwan IDE Plug-In) into Microsoft Visual Studio. 

Info

...

Kiuwan for Developers (K4D) for MS Visual Studio is a Visual Studio extension that facilitates and automates compliance with security normatives, quality standards and best practices for several languages.

It provides the following benefits:

  • Security Vulnerabilities Management- Kiuwan for Developers allows developers to access and fix security vulnerabilities such as Injection (SQL, XML, OS, etc), XSS, CSRF, etc., found by Kiuwan scans, right on their development IDEs.
  • Adoption of Security and Coding Standards – Ensuring the compliance of standards (CWE, OWASP, CERT-Java/C/C++, SANS-Top25, WASC, PCI-DSS, NIST, MISRA, BIZEC, ISO/IEC 25000 and ISO/IEC 9126) by a development department can be a long and tedious task without the support of some sort of tool that will facilitate and automate this work. This plugin connects with Kiuwan and harness the power of its security models and audits to enforce security standards and policies.
  • Full vulnerabilities documentation – Developers have access, right on their IDEs, to the full Kiuwan vulnerabilities documentation of any of the displayed vulnerabilities listed for the specific projects. This includes code samples on how to fix them in the same language of the project.

 

K4D is supported in VisualStudio 2015 and 2017

The Kiuwan Visual Studio Extension is available only in Viewer Mode and supported for Visual Studio 2015 and 2017.


Contents

Table of Contents

Excerpt Include
Kiuwan for Developers
Kiuwan for Developers
nopaneltrue

Installation

First,

 

Installation

...

configure the Kiuwan Gallery to download

...

the Kiuwan VS Extension from Kiuwan.

...

 

  1. In Visual Studio, go to Tools

...

  1. > Options 

    Image Modified

  2. Open Environment >> Extension and Updates and Add a new one with URL: https://www.kiuwan.com/pub/vsgallery/atom.xml

    Image Modified

  3. After Apply and OK,

...

  1. go to Tools

...

  1. > Extensions and Updates..

    Image Modified

  2. Select Online

...

  1. > Kiuwan Gallery

...

  1.   

    Image Modified

  2. Click Download.

...

  1. Then, you need to close

...

  1. Visual Studio to finish the installation. 


  1. Image Modified

  2. Click Modify and

...

  1. the Kiuwan Extension is downloaded and installed.

    Image Modified

 

Configuration

Connect to Kiuwan

After installation, you need to configure

...

the Kiuwan Extension to connect to Kiuwan. Please, remember that you need to have a valid Kiuwan Account.

InstructionsImage

Go

...

to Tools

...

> Options

...

 and select Kiuwan for Visual Studio

...

> Connection properties

...

Info
titleProxy settings

...

If you are using a proxy, please configure Proxy Settings.

Image Removed

 

...


Click Check credentials

...

 before applying the changes with OK.

...

Image Added

Map your VS Project to Kiuwan Application

After

...

the installation, you are ready to map your VS project to a Kiuwan application.

Info
This action will allow synchronizing defects and vulnerabilities found by Kiuwan

...

in your source code,

...

getting them ready for fixing.


To map your VS project to Kiuwan, right-click on your project and select Kiuwan Project Properties.

...

Image Modified

...



A dialog will open with a

...

combination of available applications where you can select the application that matches your project in the Kiuwan account.

...

Image Modified

Kiuwan Defects List

Once mapped,

...

go to View > Other Windows

...

> Kiuwan Defects Window

...

Image Removed

...

to open the Kiuwan Defects List.Image Added

You can also open the Kiuwan Defects List by clicking on the Kiuwan icon Image Modified

...

in the Solution Explorer toolbar

 Image Modified 

 


The Kiuwan Defect List window will appear

...

docked to your VS layout. Double-clicking on a defect will open the file and

...

highlight the line of the defect.

Image Modified

 


In case the selected defect is a injection vulnerability, you can see the Propagation Path at the Properties tab

...

Image Modified

...


 

Right-

...

click on a defect

...

for two options: 

  1. Mark the defect as reviewed
  2. Open a browser window to see information about the rule (please use the

Image Removed

 

Also, right-clicking on the defect and selecting Rule information will open the documentation of the Kiuwan rule that detected the selected defect.

...

  1. same credentials as those configured in Connection Properties).

...


Image Added

Image Modified

Refreshing Defects List

...

To be sure you are working on the

...

latest list of defects found by Kiuwan, you need to manually refresh the defect list.

...

Click the Image Modified icon

...

to update the Kiuwan Defects List to the latest

...

content of the Kiuwan servers.

Configuring the Contents of  Defects List

...

Click the Image Modified icon

...

to configure the Contents of Kiuwan Defects List.


Image Modified

Configuring the Filters of  Defects List

...

Click the Image Modifiedicon

...

to configure Filters

...

in the Kiuwan Defect List.

Image Modified

...

Support and Troubleshooting 

If you experience problems with the Kiuwan extension for Visual Studio, you can read the Kiuwan Documentation to find a solution, or if you prefer you can collect troubleshooting information and send it to us.

...

 Visit Contact Kiuwan Technical Support

...

 to learn how to contact us. We will address your problem as soon as possible.

...