VS Code

Overview

The AquilaX IDE Plugin is an extension for Visual Studio Code (VS Code) that seamlessly integrates AquilaX’s vulnerability detection capabilities directly into the development environment. This plugin empowers developers by highlighting vulnerabilities identified during scans, enabling quick remediation and improving code security within the IDE.

Key Features

• Real-Time Vulnerability Highlighting: Automatically display security issues in the code editor as they are identified.

• Integration with AquilaX Scans: Fetches results from AquilaX scans and maps them to specific lines of code in the IDE.

• Actionable Insights: Provides detailed information about vulnerabilities, including severity, type, and remediation steps.

• Ease of Use: Simple installation and setup directly through the VS Code marketplace.

Installation

1. Install from the Visual Studio Code Marketplace

• Open Visual Studio Code.

• Navigate to the Extensions view by clicking on the Extensions icon in the Activity Bar on the side of the VS Code window or pressing Ctrl+Shift+X (Windows/Linux) or Cmd+Shift+X (macOS).

• In the search bar, type AquilaX AppSec.

• Locate the plugin titled AquilaX AppSec by AquilaX.

• Click Install.

2. Install via Direct Link

• Visit the plugin’s page on the VS Code Marketplace:

• Click Install on the marketplace page.

Configuration

After installation, follow these steps to configure the plugin:

1. Authenticate with AquilaX

• Open the Command Palette (Ctrl+Shift+P or Cmd+Shift+P) in VS Code.

• Search for AquilaX: Authenticate.

2. Link Your Project

• Ensure your project is scanned by AquilaX. If not, initiate a scan from the AquilaX dashboard or CLI.

• Open the project folder in VS Code.

• The plugin will automatically sync with your project and fetch scan results.

3. Enable/Disable Auto-Fetch

• By default, the plugin periodically fetches scan results. You can toggle this feature in the settings:

• Go to File > Preferences > Settings (Windows/Linux) or Code > Preferences > Settings (macOS).

• Search for AquilaX Auto Fetch and enable or disable the feature as needed.

Usage

1. Viewing Vulnerabilities

• Open a file within your project.

• Vulnerabilities will be highlighted directly in the editor. Hover over the highlighted code to view detailed information about the issue.

2. Accessing Detailed Reports

• Click on the vulnerability marker in the Problems Panel or directly in the code.

• A sidebar will open, showing additional context, such as:

• Vulnerability type.

• Severity level (e.g., Critical, High, Medium, Low).

• Suggested remediation steps.

3. Rescanning the Project

• Open the Command Palette and search for AquilaX: Rescan.

• This command initiates a new scan for the project and updates the plugin with the latest findings.

Troubleshooting

1. Plugin Not Highlighting Vulnerabilities

• Ensure your project has been scanned by AquilaX.

• Check that you are authenticated using the correct API key.

• Verify that the project folder in VS Code matches the scanned project in AquilaX.

2. Authentication Errors

• Reauthenticate using the AquilaX: Authenticate command.

• Check your API key for accuracy.

3. Scan Results Not Updating

• Ensure the Auto Fetch feature is enabled in settings.

• Manually refresh results using AquilaX: Fetch Scan Results from the Command Palette.