IDE Plugins for Developers

Visual Studio Code

Universal Security

  • SonarLint - An IDE extension to detect and fix quality and security issues as you code.

  • Snyk Vulnerability Scanner - Scans your code and dependencies for vulnerabilities and provides fixes.

  • Semgrep - A fast, syntax-aware code analysis tool for finding bugs and enforcing code standards.

  • Veracode - Integrates Veracode security scans directly into Visual Studio Code.

  • Checkmarx - A security analysis tool that scans source code for vulnerabilities.

  • DevSkim - A security linting extension that helps to detect security vulnerabilities in real-time.

  • CodeSonar - A plugin for deep static analysis of code to find critical security vulnerabilities.

  • Security Notes - An extension for taking and managing security notes.

  • Trunk - Ensures code quality and adherence to coding standards.

Infrastructure as Code (IaC) Security

  • Checkov - Static analysis for Terraform, Kubernetes, Docker, and CloudFormation to detect misconfigurations.

  • Trivy - A comprehensive vulnerability scanner for containers and other artifacts.

  • KICS - Detects security vulnerabilities, compliance issues, and infrastructure misconfigurations.

  • Tenable - Ensures security and compliance in infrastructure as code.

PHP Security

  • PHPStan - Focuses on finding bugs in PHP applications without requiring runtime execution.

  • Psalm - A static analysis tool for finding errors in PHP applications.

  • Phan - A static analyzer for PHP that helps to detect potential bugs.

  • PHP Mess Detector - Analyzes PHP source code for potential problems such as bugs, suboptimal code, and overly complex expressions.

C/C++ Security

  • Parasoft C/C++test - A comprehensive static analysis and testing tool for C/C++ codebases.


PyCharm

  • Snyk - Identifies security vulnerabilities and license compliance issues in your open source dependencies. Provides detailed remediation advice and integrates seamlessly within PyCharm.

  • Semgrep - A fast, syntax-aware code analysis tool for finding bugs and enforcing code standards.

  • Python Security - A plugin to identify and fix security vulnerabilities in Python projects, helping maintain secure code practices.

  • PyCharm Security Plugin - A security-focused plugin to identify vulnerabilities and ensure secure coding practices in PyCharm.
