...

Same IDE Plugins are available for Software Composition Analysis too (see below).

Visual Studio and Visual Studio Code

Security Reviewer Visual Studio Extension scans source code written in C#, VB.NET, C/C++, VB 16 and 32-bit, ASP, ASPX, JavaScript, VBScript, HTML and SQL programming languages, directly from Visual Studio. Visual Studio Code extensions works with all programming Languages supported.

...

You can refresh the Security Reviewer View by pressing icon.

Eclipse, Rational RTC, RSA and RAD Studio

Security Reviewer postSpy plugin for Eclipse, Rational RTC, RSA and RAD Studio plugin shares the same interface and scans source code written in JAVA, JSP, JavaScript and SQL programming languages, directly from Eclipse, IBM Rapid Application Developer (RAD), IBM Rational Team Concert (RTC), and IBM Rational Software Architect (RSA). Further than source code, PostSpy processes all configuration files (XML, XSD, XPath, .cfg, .conf, .yml, json, etc.), binaries (JAR, WAR, EAR) and frameworks (115 JAVA and 52 JavaScript frameworks of the most used), finding and detects weaknesses hidden inside them, and assesses potential vulnerabilities according OWASP, PCI-DSS, WASC, CVE, CVSS and CWE-SANS international standards.

...

You can retrieve issues or you can run a local analysis.

...

JetBrains Plugin

Currently the plugin is build to work in:

...

• Listing results of previously analyzed code and show issues in your IDE

• Running a script to perform a local analysis to find issues in your local code

Software Composition Analysis IDE plugins

In the Software Composition Analysis, source code matters for scripting languages only. We support all IDE extensions described above for Software Composition Analysis of the following languages:

...