NetShield Real Risk Analysis is a lightweight, ultra-accurate Reachability Engine that bridges the gap between SCA (Software Composition Analysis) and SAST (Static Application Security Testing) for Java applications.
This extension provides Shift-Left Security Feedback directly in your editor.
Features
Real-Time Analysis: Automatically scans .java and pom.xml files when you save them.
Accurate Vulnerability Detection: Uses Class Hierarchy Analysis (CHA) and invokedynamic lambda resolution to prove whether a CVE is actually triggerable by your code.
Reduces False Positives: Places red squiggles only on imports and methods that matter.
Auto-Download: Automatically fetches the correct binary for macOS, Linux, or Windows on startup.
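To illustrate the Class Hierarchy Analysis mentioned above, here is a simplified reachability check over a toy model of a Java program. It is an added example, not NetShield's own code; the class names, call sites and the two "vulnerable" classes are constructed for illustration.

```python
from collections import deque

# Constructed program model: class -> (superclass, methods it declares).
CLASSES = {
    "Parser":       (None,     {"parse"}),
    "SafeParser":   ("Parser", {"parse"}),
    "LegacyParser": ("Parser", {"parse"}),  # hypothetical class with a known CVE
    "YamlLoader":   (None,     {"load"}),   # hypothetical vulnerable class, never called
    "App":          (None,     {"main", "read"}),
}
# Constructed call sites: caller -> [(static receiver type, method name)].
CALLS = {
    "App.main": [("App", "read")],
    "App.read": [("Parser", "parse")],
}

def is_subtype(cls, ancestor):
    """True if cls is ancestor or inherits from it."""
    while cls is not None:
        if cls == ancestor:
            return True
        cls = CLASSES[cls][0]
    return False

def dispatch(cls, method):
    """Resolve the implementation a receiver of runtime type cls would run."""
    while cls is not None:
        if method in CLASSES[cls][1]:
            return f"{cls}.{method}"
        cls = CLASSES[cls][0]
    return None

def cha_targets(static_type, method):
    """CHA: every subtype of the static type is a possible runtime receiver."""
    impls = {dispatch(c, method) for c in CLASSES if is_subtype(c, static_type)}
    return impls - {None}

def call_path(entry, sink):
    """BFS over the CHA call graph; returns the call path to sink, or None."""
    seen, queue = {entry}, deque([[entry]])
    while queue:
        path = queue.popleft()
        if path[-1] == sink:
            return path
        for static_type, method in CALLS.get(path[-1], []):
            for callee in sorted(cha_targets(static_type, method) - seen):
                seen.add(callee)
                queue.append(path + [callee])
    return None
```

CHA over-approximates: `call_path("App.main", "LegacyParser.parse")` finds a path because any `Parser` subtype could be the receiver at the call site in `App.read`. `call_path("App.main", "YamlLoader.load")` returns `None`, which is the case where a vulnerable dependency is present but not reachable.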
Requirements
A Java pom.xml project.
Usage
Open your Maven project.
Edit a .java file or pom.xml.
Save the file.
If a vulnerability is reachable, a red squiggle will appear. Hover over it for CVE details and remediation advice.
You can also run it manually via the command palette: NetShield: Scan Current Project.
Settings
netshield.executablePath: By default, the extension auto-downloads the binary from GitHub. If you wish to use a custom binary, provide the absolute path here.
Netshield Enterprise - Absolute Security without the Noise.