ShiftLeft CORE for Visual Studio Code (Beta)
Fix vulnerabilities before they ever exist as a backlog ticket. ShiftLeft CORE for VS Code is a free extension that lets you shift even further left by allowing you to identify and fix security vulnerabilities as you write code.
How to add the extension:
Authorize with ShiftLeft.io
You can configure your extension by going to Preferences > Settings > ShiftLeft.
Scanning your application for security vulnerabilities
You will need to have a ShiftLeft account before you are able to scan. Open your VS Code problems panel or ShiftLeft extension tab for details.
ShiftLeft CORE Secrets VS. local pre-commit Secrets Detection
Our CORE platform and the IDE extension operate differently and may present you with different results. Our CORE secrets feature scans your entire application and you can customize it in your config file.
On the other hand, the VS Code extension can only be used locally and is a pre-commit secrets detection. The goal is for you to do local scans and prevent secrets from ever reaching your repositories.
This VS Code extension is intended to prevent you from committing new secrets at all.
The following dependencies are required before you are able to use ShiftLeft CORE for VS Code.
Python (for Python projects)