Contrast Security has partnered with Secure Code Warrior to provide contextual links to videos and training material from within the Contrast UI and Contrast IDE plugins. These links can be generated by running a Python script against your Contrast organization by following the steps below.
Objective
To provide links to Secure Code Warrior training videos and coding exercises within the "How to Fix" area of a vulnerability displayed within Contrast and its IDE plugins (e.g. IntelliJ, Eclipse, Visual Studio)
Process
Warning: Running this script will overwrite any manual rule references that you may have added to your Contrast environment in Policy Management > Assess Rules.
- Clone the integrations-scw code repository which is published here: https://github.com/Contrast-Security-OSS/integrations-scw
- Login to the Contrast UI in your browser.
- Click your name in the top right, and select 'User Settings'.
- Update the config.json with details about your Contrast UI instance and credentials from the 'Your Keys' section. If you are running Contrast On Premises please ensure the url ends in
/api/ng/
. - Run with
python3 contrast_scw.py
. It can be run more than once should changes be made, it will overwrite the rule references each time it is run.
For further information please consult the README.md file in the repository above.