Contents:

 

Kiuwan IDE Plug-In

Kiuwan allows for a true shift-left approach by integrating with all the main IDEs.

Kiuwan for Developers is a plug-in for development IDEs that facilitates and automates compliance with security normatives, quality standards and best practices for several languages.

It provides the following benefits:

  • Security Vulnerabilities Detection - The plug-in allows developers to detect and fix security vulnerabilities, such as Injection (SQL, XML, OS, etc), XSS, CSRF, etc., directly within their development IDEs.
  • Adoption of Security and Coding Standards - The plug-in helps to ensure compliance to standards (CWE, OWASP, CERT-Java/C/C++, SANS-Top25, WASC, PCI-DSS, NIST, MISRA, BIZEC, ISO/IEC 25000 and ISO/IEC 9126) by automating the work. This plug-in connects with Kiuwan and harnesses the power of its quality models to prevent errors and automatically standardize the code.
  • Automatic Error Prevention - The plug-in implements and monitors compliance to coding standards at the time the code is entered. Thus you can avoid errors and reduce the time and cost of debugging and testing activities.

The Kiuwan IDE Plug-in monitors and reports on the security, quality, and efficiency of your code at the point that it is written. This immediate feedback provides you with the opportunity to improve your code before it is delivered.

Working modes 

The Kiuwan IDE Plug-In can work in two different modes:

  • Analyzer mode

It allows you to analyze your application source code directly within (and fully integrated into) your IDE. You can analyze the whole project (or just some specific files), then review the detected vulnerabilities and defects, fix them and re-analyze, without exiting your IDE.

  • Remote Viewer mode

The plug-in also lets you "download" the vulnerabilities and defects stored in Kiuwan (in the last Baseline, or in a specific Delivery, or even the issues to be fixed according to a defined Action Plan). This way, you can go directly to the issues you must fix, just double-click on the defects and go directly to the offending line of code.


By using both modes, you can get a comprehensive understanding of:

  • the server view of the application, and 
  • your local view of the defects according to the changes you are making to the source code

 

Analyzer and Remote Viewer modes are separately licensed.

Please check your Kiuwan License to see available modes.

 

Supported IDEs 

Kiuwan for Developers is available for following IDEs:

For others IDEs and versions, please contact Kiuwan Technical Support