Remember the log4j vulnerability that broke out last year? Remember the scene where security engineers are often chased to fix because of code bugs? Don't want to spend too much time fixing bugs, or just don't know how to fix them.
Recently, we launched an IDE plug-in to help developers easily solve code security problems. I recommend it to everyone!
Introduction to MurphySec Code Scan
This plug-in allows developers to detect code-dependent security issues in the IDE, easily identify which open source components with security defects are used in the code, and quickly resolve security issues through accurate repair solutions and one-click repair functions.
The main functions of the plugin are as follows:
- Vulnerability detection: Identify direct and indirect dependencies in the code and detect which defective components are introduced into the code
- One-click repair: not only has a clear repair scheme, but also can be quickly repaired through this function
- Real-time detection: changes in code dependencies lead to security problems, don't worry, the plugin will remind you to deal with it in time
Plugin official address: https://plugins.jetbrains.com/plugin/18274-murphysec-code-scan
Install
Search for murphysec in the IDE to install
At present, Murphy Security Platform registration requires an invitation code, which is being issued in a limited time. Click to get
use
- Select "click to start scanning" to detect which security flaw components exist in the code
- Click the component in the inspection result to view the basic information of the defective component
- Click "One-click Repair" on the right to directly upgrade the component to the "Minimum Repair Version"
open source
The core engine of the IDE plug-in is currently open source, comments, feedback and stars are welcome
开源地址:https://github.com/murphysecurity/murphysec
java
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。