Overview
The CybeDefend plugin for JetBrains IDEs brings comprehensive security analysis and AI-powered remediation directly into your development workflow. Identify vulnerabilities, get AI-generated fixes, and manage your security posture — all without leaving your IDE.Install from JetBrains Marketplace
Get the CybeDefend plugin for JetBrains IDEs
Supported IDEs
The plugin is compatible with JetBrains IDEs build 2024.3+, including:IntelliJ IDEA
PyCharm
WebStorm
PhpStorm
GoLand
Rider
CLion
RubyMine
Android Studio
Key Features
5 Scan Types
SAST, SCA, IaC, Secrets, and CI/CD scanning in one plugin
CybeAgent
AI-powered assistant that analyzes and fixes vulnerabilities with full code context
DeepFix
Automated dependency upgrades for SCA vulnerabilities across 10 ecosystems
Native Integration
Gutter icons, diagnostics, context menus, and tool windows built for JetBrains
Security Scanning
| Scan Type | What It Detects |
|---|---|
| SAST | SQL injection, XSS, path traversal, command injection — with taint analysis and data flow tracking |
| SCA | Known CVEs in dependencies (npm, Maven, pip, Go, NuGet, RubyGems, Cargo, Swift, Packagist) |
| IaC | Misconfigurations in Terraform, CloudFormation, Kubernetes, Docker |
| Secrets | Leaked API keys, tokens, passwords, certificates |
| CI/CD | Insecure pipeline configurations and overly permissive permissions |
Editor Integration
- Gutter icons — Severity-colored markers on every vulnerable line (Critical, High, Medium, Low, Info)
- Diagnostics — Native underlines visible in the inspections/problems panel
- Context menu — Right-click on vulnerable code to view details or trigger AI fix
- Tool windows — Dedicated “CybeDefend” and “CybeDefend Security” panels
- Code navigation — Click any vulnerability to jump to the exact line of code
CybeAgent — AI-Powered Fix
Click “Fix with CybeAgent” on any vulnerability. The AI agent receives the full vulnerability context — severity, CWE, OWASP classification, data flow, code snippet, and remediation guidance — then proposes a precise code fix that you review and apply.DeepFix — Automated Dependency Upgrades
Automatically resolves safe version upgrades for SCA vulnerabilities. Supports 10 package ecosystems: npm, Maven, pip/PyPI, Go, NuGet, Packagist, RubyGems, Cargo, SwiftPM, and CocoaPods.Git Integration
The plugin adds a “Generate Commit Message” action in the VCS commit dialog, using AI to generate meaningful commit messages based on your staged changes.Getting Started
Install
Open Settings/Preferences → Plugins → Marketplace, search for “CybeDefend”, and click Install. Restart the IDE when prompted.
Select Your Region
In the CybeDefend tool window settings, select EU (Europe — default) or US (United States) depending on your CybeDefend instance.
Authenticate
Open the CybeDefend tool window and click Login. Your browser opens for a secure OAuth 2.0 authentication flow. After completing login, you are redirected back to the IDE automatically.
File Exclusion
Create a.cybedefend file at your project root to exclude files and directories from scans. It uses .gitignore syntax:
Common directories like
node_modules, .git, dist, build, venv, and __pycache__ are excluded by default.Vulnerability Management
You can update vulnerability status directly from the IDE:| Status | Meaning |
|---|---|
| To Verify | Needs triage (default) |
| Confirmed | Validated vulnerability |
| Not Exploitable | False positive |
| Resolved | Fixed |
| Ignored | Accepted risk |
Requirements
- JetBrains IDE 2024.3 or later (build 243.0+)
- A CybeDefend account (create one here)
- Internet connection to the CybeDefend API
Related: VS Code Extension · MCP Server Integration · Create Your Account · CybeDefend Ignore File