This section will show you how to integrate the Kiuwan IDE Plug-In into Eclipse-based IDEs. 

The Kiuwan Plug-In for JetBrains IDEs is available only in Viewer mode.

It has been successfully tested with for JetBrains 2018.*.* version of following products :

  • Intellij IDEA (2017.1 and above)
  • PhpStorm
  • PyCharm
  • Android Studio (3.0.1 and above)
  • CLion (2019.1)


Contents

Kiuwan IDE Plug-In

Kiuwan allows for a true shift-left approach by integrating with all the main IDEs.

Kiuwan for Developers is a plug-in for development IDEs that facilitates and automates compliance with security normatives, quality standards and best practices for several languages.

It provides the following benefits:

  • Security Vulnerabilities Detection - The plug-in allows developers to detect and fix security vulnerabilities, such as Injection (SQL, XML, OS, etc), XSS, CSRF, etc., directly within their development IDEs.
  • Adoption of Security and Coding Standards - The plug-in helps to ensure compliance to standards (CWE, OWASP, CERT-Java/C/C++, SANS-Top25, WASC, PCI-DSS, NIST, MISRA, BIZEC, ISO/IEC 25000 and ISO/IEC 9126) by automating the work. This plug-in connects with Kiuwan and harnesses the power of its quality models to prevent errors and automatically standardize the code.
  • Automatic Error Prevention - The plug-in implements and monitors compliance to coding standards at the time the code is entered. Thus you can avoid errors and reduce the time and cost of debugging and testing activities.

The Kiuwan IDE Plug-in monitors and reports on the security, quality, and efficiency of your code at the point that it is written. This immediate feedback provides you with the opportunity to improve your code before it is delivered.

Installation

Installation steps of the Kiuwan IDE Plug-In for JetBrains are the same for all the JetBrains' family of products. 

  1. Open File > Settings > Plugins 

  2. Then click Browse repositories .. 



  3. A new window will open. Here click Manage Repositories



  4. The following window will appear. 



  5. Click + (Add) button and add the Kiuwan Repository URL: https://static.kiuwan.com/download/jetbrains/plugins.xml


  6. After adding it, select the Kiuwan repository just created and click OK. You will see the Kiuwan plug-in, select it and click install



  7. After downloading it, click Restart IntelliJ IDEA

Configuration

Connect to Kiuwan

After the installation, you need to configure the Kiuwan Plug-In to connect to Kiuwan. Please remember that you need to have a valid Kiuwan Account.

InstructionsImage

Go to File > Settings and select Tools > Kiuwan > Connection Settings

Proxy settings

If you are using a proxy, please configure Proxy configuration.

The Kiuwan server URL comes preconfigured (leave it with default value)

Fill in User and Password fields with your Kiuwan account's credentials.

Click Save and check configuration before applying changes.



Map your Idea Project to the Kiuwan Application

After the installation, you are ready to map your Idea project to a Kiuwan application.

This action will allow synchronizing defects and vulnerabilities found by Kiuwan in your source code, getting them ready for fixing.


To map your Idea project to Kiuwan, open File >  Settings and select Tools > Kiuwan > Remote Application.

A dialog will open with a combination of available applications where you can select the application that matches your project in the Kiuwan account.




Kiuwan Defects List

Once mapped, go to Tools > Show Kiuwan Defects to open the Kiuwan Defects List.

The Kiuwan Defect List window will appear docked to your Idea layout. Double-click on a defect to open the file and highlight the line of the defect.


Right-click the defect and select Rule information to open a browser with the documentation of the Kiuwan rule that detected the selected vulnerability.

To get access to Rule information, please use same credentials as those configured in Connection Properties.


Refreshing the Defects List

To be sure you are working on the latest list of defects found by Kiuwan, you need to manually refresh the defect list.

Clicking on the   icon will update the Kiuwan Defects List to the latest contents of the Kiuwan servers.

Configuring the Contents of the Defects List

Clicking on the   icon will allow the configuration of the contents of the Kiuwan Defects List.


Please visit K4D for Eclipse - Server defects list for a full description of available options.

Support and Troubleshooting 

If you experience problems with the Kiuwan plugin for IntelliJ IDEA, you can read the Kiuwan Documentation to find a solution, or if you prefer you can collect troubleshooting information and send it to us.

Support Information

Important information for troubleshooting is scattered across several log and configuration files.

To make this process easier to you, just go to Settings >> Tools >> Kiuwan >> Support and press the Extract support data button.

Choose the folder where you want to save this information, and submit to our technical support team the compressed file generated there. 

Visit Contact Kiuwan Technical Support on how to contact us. We will address your problem as soon as possible.


  • No labels