OWASP IDE-VulScanner is an open source IDE plugin tool to analyze an application’s components. It is built on top of OWASP Dependency Check, which scans your application’s component vulnerabilities during implementation phase.
- Vulnerability code scan during implementation phase
- Save security patch & maintenance costs
- Low overall high & critical vulnerabilities counts
How it works
- Tool uses OWASP Dependency Check, which is a software compisition analysis (SCA) tool
- Any third party dependency used within code can be analyzed from a developer’s IDE. This would prevent overall code from a potential security risk
- Plugins supporting common IDEs i.e. eclipse, IntelliJ, vscode are easy to install. Gives a developer a comprehensive view of all the vulnerable dependencies used within code with recommended fix