Run the command Get-Project -All | Install-Package Securit圜odeScan. Select project you want to install into and click “Install”. Select “Browse” on the top and search for Security Code Scan. Select “Manage NuGet Packages for Solution…”. Use the link or open “Tools > Extensions and Updates…” Select “Online” in the tree on the left and search for Securit圜odeScan in the right upper field.
Security Code Scan (SCS) can be installed as: Other editors that support Roslyn based analyzers like Rider or OmniSharp should work too. Visual Studio Community, Professional and Enterprise editions are supported.
NET Core projects in a background (IntelliSense) or during a build. Stand-alone runner or through MSBuild for custom integrations.Īnalyzes.
Inter-procedural taint analysis for input data.Ĭontinuous Integration (CI) support for GitHub and GitLab pipelines. Detects various security vulnerability patterns: SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), XML eXternal Entity Injection (XXE), etc.
