Scanning files for vulnerabilities

Use file scans to analyze the file that is currently open in your IDE. File scans provide immediate feedback while you develop code and typically complete faster than repository or workspace scans.

Available file scan types

The following file scan types are available:
  • Secrets detection: Scans the active file for exposed secrets and sensitive information, such as credentials, tokens, and keys.
  • Kubescape: Scans Kubernetes deployment manifest files (.yaml and .yml) for security vulnerabilities, configuration issues, and security best practice violations.

Scan a file

  1. Open a supported source file in your IDE.
  2. In the Concert Secure Coder panel, click File scans.
  3. Click Scan file.
  4. Review the findings in the results panel.

The results panel displays any vulnerabilities, exposed secrets, or configuration issues that are detected in the file.

Configure automatic file scans

You can configure Concert Secure Coder to automatically scan files:
  • When you save a file
  • When you stop typing

To configure automatic file scanning, update the settings in the Concert Secure Coder settings panel.

For more information, see Configuring Concert Secure Coder settings.