Home
Utilities
Application Utilities
Security
DevSkim logo

DevSkim

A set of IDE plugins and rules that provide security "linting" capabilities (by Microsoft)
github.com
0
3
+ 1
0

What is DevSkim?

It is a framework of IDE extensions and language analyzers that provide inline security analysis in the dev environment as the developer writes code. It has a flexible rule model that supports multiple programming languages. The goal is to notify the developer as they are introducing a security vulnerability in order to fix the issue at the point of introduction, and to help build awareness for the developer.
DevSkim is a tool in the Security category of a tech stack.
DevSkim is an open source tool with 883 GitHub stars and 115 GitHub forks. Here’s a link to DevSkim's open source repository on GitHub

DevSkim Integrations

JavaScript, Python, Visual Studio Code, Java, and TypeScript are some of the popular tools that integrate with DevSkim. Here's a list of all 10 tools that integrate with DevSkim.

DevSkim's Features

  • Built-in rules, and support for writing custom rules
  • Cross-platform CLI built on .NET Core 3.1 for file analysis
  • IDE plugins for Visual Studio and Visual Studio Code
  • IntelliSense error "squiggly lines" for identified security issues
  • Information and guidance provided for identified security issues
  • Optional suppression of unwanted findings
  • Broad language support including: C, C++, C#, Cobol, Go, Java, Javascript/Typescript, Python, and more

DevSkim Alternatives & Comparisons

What are some alternatives to DevSkim?
OpenSSL
It is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library.
Azure DevOps
Azure DevOps provides unlimited private Git hosting, cloud build for continuous integration, agile planning, and release management for continuous delivery to the cloud and on-premises. Includes broad IDE support.
Let's Encrypt
It is a free, automated, and open certificate authority brought to you by the non-profit Internet Security Research Group (ISRG).
Ensighten
Ensighten is a comprehensive website security company, offering next generation compliance, enforcement and client-side protection against data loss, ad injection and intrusion.
Azure DevOps Server
It is set of collaborative software development tools, hosted on-premises. It integrates with your existing IDE or editor, enabling your cross-functional team to work effectively on projects of all sizes.
See all alternatives
Related Comparisons
No related comparisons found

DevSkim's Followers
3 developers follow DevSkim to keep up with related blogs and decisions.

Similar Tools

OpenSSLAzure DevOpsLet's EncryptEnsightenAzure DevOps Server

New Tools

Amazon Mechanical TurkAmazon CloudSearchAlgoliaBlazeMeterAlgolia

Related Jobs

OpenSSL JobsAzure DevOps JobsLet's Encrypt JobsEnsighten JobsAzure DevOps Server Jobs