OX IDE Integrations

OX provides IDE integrations that enable scanning code locally during development.

These integrations allow you to identify security issues before pushing changes to a remote repository.

This option is not a replacement for full repository scans, but a complementary tool for early-stage, local validation.

The repository you scan must exist in your organization and be known to OX.

Currently the following issue categories are supported: Open Source Security, Code Security, SBOM, IaC, Secret/PII.

The main goal is to let you scan code locally before pushing changes to a remote repository, as follows:

• Detect vulnerabilities and secrets before they are exposed

• Prevent pushing insecure code to shared environments

• Fix security issues early in the development process

How it works

IDE integrations scan your local code changes and send them to OX for analysis.

Scan results are displayed directly in your IDE and include issues linked to the exact line of code, severity, category, and remediation recommendations.

Available integrations

Choose the integration based on your development environment:

• VS Code and VS Code-based IDEs: Use the OX IDE extension for Visual Studio Code, Cursor, Windsurf, and VSCodium.

• JetBrains IDEs: Use the OX IDE plugin for IntelliJ IDEA, PyCharm, WebStorm, GoLand, PhpStorm, and other JetBrains IDEs.