...
Same IDE Plugins are available for Software Composition Analysis too (see below).
Visual Studio and Visual Studio Code
Security Reviewer Visual Studio Extension scans source code written in C#, VB.NET, C/C++, VB 16 and 32-bit, ASP, ASPX, JavaScript, VBScript, HTML and SQL programming languages, directly from Visual Studio. Visual Studio Code extensions works with all programming Languages supported.
...
You can refresh the Security Reviewer View by pressing icon.
Eclipse, Rational RTC, RSA and RAD Studio
Security Reviewer postSpy plugin for Eclipse, Rational RTC, RSA and RAD Studio plugin shares the same interface and scans source code written in JAVA, JSP, JavaScript and SQL programming languages, directly from Eclipse, IBM Rapid Application Developer (RAD), IBM Rational Team Concert (RTC), and IBM Rational Software Architect (RSA). Further than source code, PostSpy processes all configuration files (XML, XSD, XPath, .cfg, .conf, .yml, json, etc.), binaries (JAR, WAR, EAR) and frameworks (115 JAVA and 52 JavaScript frameworks of the most used), finding and detects weaknesses hidden inside them, and assesses potential vulnerabilities according OWASP, PCI-DSS, WASC, CVE, CVSS and CWE-SANS international standards.
...
You can retrieve issues or you can run a local analysis.
...
JetBrains Plugin
Currently the plugin is build to work in:
...
Listing results of previously analyzed code and show issues in your IDE
Running a script to perform a local analysis to find issues in your local code
Software Composition Analysis IDE plugins
In the Software Composition Analysis, source code matters for scripting languages only. We support all IDE extensions described above for Software Composition Analysis of the following languages:
...