--- title: Code Security description: Datadog, the leading service for cloud-scale monitoring. breadcrumbs: Docs > Datadog IDE Plugins > Datadog Plugin for JetBrains IDEs > Code Security --- # Code Security {% callout %} # Important note for users on the following Datadog sites: app.ddog-gov.com {% alert level="danger" %} This product is not supported for your selected [Datadog site](https://docs.datadoghq.com/getting_started/site). (). {% /alert %} {% /callout %} ## Overview{% #overview %} The [Code Security](https://docs.datadoghq.com/security/code_security/) integration in the Datadog plugin for JetBrains IDEs promotes better security by flagging library vulnerabilities and runtime code vulnerabilities. The local code analyzer checks your code changes as you edit to detect quality and security issues prior to commit. The feature is supported for any source code repository that is onboarded for [Datadog Code Security](https://app.datadoghq.com/security/configuration/code-security/setup). ## Vulnerabilities{% #vulnerabilities %} The Datadog plugin reports library and runtime code vulnerabilities by highlighting the issues directly in the source editor: {% image source="https://datadog-docs.imgix.net/images/developers/ide_plugins/idea/code_security/library-vulnerability.7ce59d8da2a90ff10806a039577aef54.png?auto=format" alt="A library vulnerability highlighted in the source editor" /%} Full details of each vulnerability are shown in the Datadog tool window in the **File Insights** and **Project Insights** tabs. {% image source="https://datadog-docs.imgix.net/images/developers/ide_plugins/idea/code_security/library-vulnerability-tool-window.0ba443262a8e2721d68493ff8ed280cd.png?auto=format" alt="A library vulnerability shown in the Datadog tool-window" /%} Click on the link in the **Code Links** section to navigate to the source location, or click on the vulnerability description to open the summary in Datadog. ## Local code analysis{% #local-code-analysis %} ### File editing{% #file-editing %} As you edit your source files, the Datadog plugin checks the content (locally) against a set of [rules](https://docs.datadoghq.com/security/code_security/static_analysis/setup/?tab=github) to detect and flag quality and security issues before you commit your changes. The local analysis engine supports all the file types listed in [Static Analysis Rules](https://docs.datadoghq.com/security/code_security/static_analysis/static_analysis_rules/). Issues are shown in the source code editor with the JetBrains inspection system, and you can apply suggested fixes directly. {% image source="https://datadog-docs.imgix.net/images/developers/ide_plugins/idea/code_security/local-code-analysis.f6beb981689151fe5ad14f0704d159da.png?auto=format" alt="Static analysis violation in the source editor" /%} Additionally, all issues detected by this feature are listed in the standard **Problems** view. ### Analyzing multiple files{% #analyzing-multiple-files %} You can run the local code analysis across multiple files. In the **Code** menu, select **Analyze Code** → **Run Inspection By Name…** and choose `Datadog Static Analysis`: {% image source="https://datadog-docs.imgix.net/images/developers/ide_plugins/idea/code_security/inspection-by-name.0484a6cf4a0547bae2ec4709c5ad4057.png?auto=format" alt="Datadog Static Analysis inspection" /%} Choose the scope, click **OK**, and review the flagged issues in the **Problems** view. ### Configuration{% #configuration %} The code analyzer runs automatically if you meet both of these conditions: - Your repository has been onboarded for [Datadog Code Security](https://app.datadoghq.com/security/configuration/code-security/setup). - You are logged in to Datadog so that the remote configuration data is available. To see the configuration data in your IDE, run the action **Show Datadog Static Analyzer Config**: {% image source="https://datadog-docs.imgix.net/images/developers/ide_plugins/idea/code_security/show-sa-config.7a3362b2f7d2a38ee7d0861b5e1bf64d.png?auto=format" alt="Action to show the Static Analyzer configuration" /%} You can save a local configuration file (`static-analysis.datadog.yml`) at the root of the repository, and its settings will be merged with the remote configuration. When there is no remote configuration available, the local configuration file is used on its own. Using a local configuration file is a great way to try out the feature, and it works even without a Datadog login. {% image source="https://datadog-docs.imgix.net/images/developers/ide_plugins/idea/code_security/local-config.950dc5142bca65597b1be59a9a1f9072.png?auto=format" alt="A local configuration file for Static Analysis" /%} Read more about how to [customize your configuration](https://docs.datadoghq.com/security/code_security/static_analysis/setup/?tab=github#customize-your-configuration). ### Settings{% #settings %} The Datadog Static Analyzer can be activated and deactivated in the IDE settings under **Editor** → **Inspections**. {% image source="https://datadog-docs.imgix.net/images/developers/ide_plugins/idea/code_security/inspections-settings.8dbc7c167992233ca01501a59113c874.png?auto=format" alt="Settings to activate and deactivate Static Analysis" /%} ## Further reading{% #further-reading %} - [Learn more about Code Security](https://docs.datadoghq.com/security/code_security/)