Eclipse

For applications instrumented with a Contrast agent, you can view vulnerability information directly in the Eclipse IDE during development for faster remediation. You will see affected lines of code and can view more details about the vulnerability in Contrast.

This plugin is available for Mac/OS and Windows and supports the latest versions of Eclipse.

To install the Eclipse plugin, visit the Eclipse marketplace or:

  1. In Eclipse, select Help > Eclipse Marketplace

  2. Search “Contrast Security”.

  3. Select Install.

  4. Configure the plugin at Window > Show View > Other.

  5. Search “Contrast” and add the view that appears in the search.

  6. Enter the Username, API Key, Organization ID and Service Key in the configuration page. You can find these keys in user settings.

  7. Select Add.

  8. The Vulnerabilities view shows a list of all the vulnerabilities from Contrast. You can sort and filter them.

    Image shows list of vulnerabilities in Eclipse.
  9. Select the vulnerability title for information about that particular vulnerability. From there you can select How to fix for remediation instructions to fix the vulnerability. Select Details and double-click on the Java stack traces to focus on a particular source code line. You can also change the vulnerability status here.

    Image shows vulnerability details.
  10. Select the Go to page icon to open Contrast and see more vulnerability information.