Secure your code as you write with Orca AppSec for Visual Studio Code. Get real-time security scanning, actionable insights, and fixes - right in your workflow
Features
Comprehensive security coverage:
Secrets Scanning (with active verification): Detect exposed secrets and credentials.
Static Application Security Testing (SAST): Identify security vulnerabilities in your source code.
Software Composition Analysis (SCA): Uncover vulnerabilities in your dependencies.
Infrastructure as Code (IaC) Security: Detect misconfigurations in your infrastructure code.
On-save scanning for modified files and on-demand scanning for full projects.
Inline issue annotations, Problems panel integration, and a structured security findings sidebar.
Fully customizable scanning configuration.
All scans are performed locally - your code never leaves your machine.