HoundDog.ai Static Code Scanner
This extension integrates with the HoundDog.ai Static Code Scanner, a robust and ultra-fast source code analysis tool that helps organizations prevent unintentional developer errors, such as oversharing or overlogging of sensitive data (including Personally Identifiable Information (PII), Protected Health Information (PHI), Cardholder Data (CHD), and Personally Identifiable Financial Information (PIFI)), before the code reaches production.
Features
- Workspace-wide scanning: Scans your entire open workspace to detect vulnerabilities where sensitive data (e.g., PII/PHI) is exposed in plaintext within logs, files, cookies, tokens, and third-party integrations (e.g., Datadog, Sentry, Segment, etc.). Here is a sample of the vulnerability types covered by HoundDog.ai:
- CWE-201: Information Exposure Through Sent Data
- CWE-209: Information Exposure Through an Error Message
- CWE-312: Cleartext Storage of Sensitive Information
- CWE-313: Cleartext Storage in a File or on Disk
- CWE-315: Cleartext Storage of Sensitive Information in a Cookie
- CWE-532: Insertion of Sensitive Information into Log File
- CWE-539: Use of Persistent Cookies Containing Sensitive Information
- Problem integration: Displays the detected vulnerabilities directly in the "HoundDog" panel, making it easier to track and address issues.
- Remediation strategies: Provides recommendations on how to fix PII leaks, including omitting the exposed data or sanitizing it before exposure (e.g., masking, encryption, obfuscation, etc.).
Requirements
To use this extension, you need the following:
- HoundDog Scanner CLI: Ensure the HoundDog Scanner CLI is installed and accessible in your system's PATH. Please follow these guidelines to install the scanner: https://docs.hounddog.ai/scanner/installation
- API Key: A valid API key must be configured in the extension's settings. If your organization has purchased one of the paid plans, you can log into the HoundDog.ai Cloud Platform to generate the API key needed—see the documentation for more details. Without an API key, you will not be able to use this extension.
Extension Settings
The extension adds the following configurable settings:
- houndDogScanner.apiKey: Set your API Key to enable the scanner.
- houndDogScanner.enableDataElements: Toggle the inventory of sensitive data elements found in your workspace. Enabled by default for comprehensive scans but can be disabled for faster performance.
Categories: IDE, Programming Languages, Source Code Analyzer, Systems Development, Tools
Additional Details
Eclipse Versions: 2025-03 (4.35), 2024-12 (4.34), 2024-09 (4.33), 2024-06 (4.32), 2024-03 (4.31), 2023-12 (4.30), 2023-09 (4.29), 2023-06 (4.28), 2023-03 (4.27), 2022-12 (4.26), 2022-09 (4.25), 2022-06 (4.24), 2022-03 (4.23), 2021-12 (4.22)
Platform Support: Windows, Mac, Linux/GTK
Organization Name: HoundDog.ai
Development Status: Beta
Date Created: Monday, December 16, 2024 - 06:08
License: Commercial
Date Updated: Wednesday, January 8, 2025 - 08:55
Submitted by: HoundDog AI
Date | Ranking | Installs | Clickthroughs |
---|---|---|---|
January 2025 | 412/618 | 7 | 14 |
December 2024 | 563/654 | 2 | 19 |
November 2024 | 0/0 | 0 | 0 |
October 2024 | 0/0 | 0 | 0 |
September 2024 | 0/0 | 0 | 0 |
August 2024 | 0/0 | 0 | 0 |
July 2024 | 0/0 | 0 | 0 |
June 2024 | 0/0 | 0 | 0 |
May 2024 | 0/0 | 0 | 0 |
April 2024 | 0/0 | 0 | 0 |
March 2024 | 0/0 | 0 | 0 |
February 2024 | 0/0 | 0 | 0 |