IntelliJ

AquilaX AppSec IntelliJ IDEA Plugin Documentation

The AquilaX AppSec plugin for IntelliJ IDEA brings powerful security analysis directly into your development workflow. It integrates seamlessly with the AquilaX platform to provide real-time vulnerability detection, detailed findings, and automated scanning capabilities right within your IDE.

Version: 1.0.2

Vendor: AquilaX


Key Features

  • 🛡️ Real-time Security Analysis: Detect vulnerabilities as you code.

  • 🔍 In-Editor Highlighting: Visual indicators for security findings directly in your source files.

  • 📊 Comprehensive Dashboard: Manage organizations, groups, and scans from a dedicated tool window.

  • 🤖 Automated Scanning: Trigger and monitor security scans without leaving IntelliJ.

  • 📝 Detailed Reports: View severity, rule IDs, descriptions, and remediation recommendations.

  • 🔗 Deep Integration: Direct links to the AquilaX web dashboard for in-depth analysis.


Installation

Option 1: JetBrains Marketplace

  1. Open IntelliJ IDEA.

  2. Navigate to Settings (or Preferences on macOS) → Plugins.

  3. Select the Marketplace tab.

  4. Search for "AquilaX AppSec".

  5. Click Install.

  6. Restart the IDE if prompted.

Option 2: Manual Installation

  1. Download the plugin ZIP file from the AquilaX Releases Page.

  2. Open Settings → Plugins.

  3. Click the Gear Icon ⚙️ and select Install Plugin from Disk....

  4. Select the downloaded ZIP file.

  5. Restart the IDE.


Getting Started

1. Accessing the Tool Window

After installation, you will see a new tool window named "AquilaX AppSec" on the right sidebar of your IDE. Click it to open the dashboard.

2. Authentication

You can authenticate using one of two methods:

Method A: Sign In with Browser (Recommended)

  1. Click the "Sign In with Browser" button in the tool window.

  2. Your default web browser will open to the AquilaX login page.

  3. Complete the authentication process.

  4. You will be redirected back to IntelliJ IDEA automatically.

Method B: Personal Access Token (PAT)

  1. Generate a Personal Access Token from your AquilaX Profile.

  2. In the plugin tool window, enter your token in the "Enter Personal Access Token (PAT)" field.

  3. Click "Connect with PAT".


Using the Plugin

Dashboard Configuration

Once logged in, you need to select your context:

  1. Organization: Select your target organization from the dropdown.

  2. Group: Select the specific project group you are working on.

Running a Scan

To initiate a new security scan:

  1. Ensure an Organization and Group are selected.

  2. Click the "Scan Now" button.

  3. The status label will update to show "Scan in progress...".

  4. You can monitor the status or click "Cancel Scan" if needed.

Viewing Findings

If a scan has already been completed, or once a new scan finishes:

  1. Click "See Findings" (or "Fetch Findings").

  2. The plugin will retrieve all vulnerabilities and display a summary in the console.

  3. The Status Bar at the bottom of the IDE will update to show the total number of findings.


In-Editor Experience

Code Highlighting

The plugin automatically highlights vulnerable code segments in your open files:

  • 🔴 Red Highlight: Confirmed True Positive vulnerabilities.

  • 🟠 Orange Highlight: Unverified findings that may require review.

Tooltips & Details

Hover over any highlighted code to see a detailed tooltip containing:

  • Severity Icon: (🔴 High, 🟠 Medium, 🟢 Low)

  • Rule ID: The specific security rule violated.

  • Description: Explanation of the vulnerability.

  • Vulnerability Snippet: The specific code flagged.

  • Recommendation: How to fix the issue.

  • View Details Link: A direct link to the finding in the AquilaX Web Dashboard.

Project View Integration

Files containing security findings are marked with error indicators in the Project view, making it easy to identify which files need attention at a glance.


Troubleshooting

"Failed to load organizations"

  • Check your internet connection.

  • Your session may have expired. Click Logout and sign in again.

"No scan found"

  • Ensure you have selected the correct Organization and Group.

  • Click "Scan Now" to start a fresh analysis.

Highlights not appearing

  • Ensure the file is part of the scanned project.

  • Try closing and reopening the file to refresh the findings.


Support

For additional assistance, please contact our support team:
