You are viewing an old version of this page. View the current version.
Kiuwan can support the work of developers in two ways: with an IDE Plug-In and with CI Integrations.
To see which CI integrations are supported, please visit this page: Developers - Integrations
Kiuwan IDE Plug-In
Kiuwan allows for a true shift-left approach by integrating with all the main IDEs.
Kiuwan for Developers is a plug-in for development IDEs that facilitates and automates compliance with security normatives, quality standards and best practices for several languages.
It provides the following benefits:
- Security Vulnerabilities Detection - The plug-in allows developers to detect and fix security vulnerabilities, such as Injection (SQL, XML, OS, etc), XSS, CSRF, etc., directly within their development IDEs.
- Adoption of Security and Coding Standards - The plug-in helps to ensure compliance to standards (CWE, OWASP, CERT-Java/C/C++, SANS-Top25, WASC, PCI-DSS, NIST, MISRA, BIZEC, ISO/IEC 25000 and ISO/IEC 9126) by automating the work. This plug-in connects with Kiuwan and harnesses the power of its quality models to prevent errors and automatically standardize the code.
- Automatic Error Prevention - The plug-in implements and monitors compliance to coding standards at the time the code is entered. Thus you can avoid errors and reduce the time and cost of debugging and testing activities.
The Kiuwan IDE Plug-in monitors and reports on the security, quality, and efficiency of your code at the point that it is written. This immediate feedback provides you with the opportunity to improve your code before it is delivered.
The Kiuwan IDE Plug-In can work in two different modes:
- Analyzer mode
It allows you to analyze your application source code directly within (and fully integrated into) your IDE. You can analyze the whole project (or just some specific files), then review the detected vulnerabilities and defects, fix them and re-analyze, without exiting your IDE.
- Remote Viewer mode
The plug-in also lets you "download" the vulnerabilities and defects stored in Kiuwan (in the last Baseline, or in a specific Delivery, or even the issues to be fixed according to a defined Action Plan). This way, you can go directly to the issues you must fix, just double-click on the defects and go directly to the offending line of code.
By using both modes, you can get a comprehensive understanding of:
- the server view of the application, and
- your local view of the defects according to the changes you are making to the source code
Analyzer and Remote Viewer modes are separately licensed.
Please check your Kiuwan License to see available modes.
The Kiuwan IDE Plug-In is available for following IDEs:
- Eclipse-based (Analyzer and Viewer)
- RAD (Rational Application Developer for WebSphere)
IBM Rational Developer for i Systems
IBM Rational Developer for z Systems
- Microsoft Visual Studio (Viewer)
- JetBrains (Viewer)
- IntelliJ IDEA,
- Android Studio
- Microsoft VS Code (Viewer)
For others IDEs and versions, please contact Kiuwan Technical Support
- No labels