Wiz Brings Real-Time Cloud Security to JetBrains IDEs

In the fast-paced world of cloud-native development, the long-standing goal of “shifting left” has often created more friction than it has resolved, overwhelming developers with a flood of security alerts from legacy tools that lack the necessary context for effective remediation. Security teams have historically struggled to integrate their processes into the development lifecycle without causing significant delays, leading to noisy CI/CD pipelines and massive backlogs of unaddressed issues. Addressing this critical gap, Wiz has announced the general availability of its plugin for JetBrains Integrated Development Environments (IDEs), a move designed to embed real-time security directly into the coding workflow. This integration allows developers to identify and fix misconfigurations, vulnerabilities, exposed secrets, and sensitive data as they write code, transforming security from a disruptive gatekeeper into a seamless, collaborative partner. “Bringing Wiz’s cloud context into JetBrains IDEs means developers can find and fix cloud-related security issues locally, as they code,” stated Gideon Kreiner, Senior Director of Technology and Strategic Partnerships at JetBrains. “The plugin works across all our IDEs and gives teams the clarity they need to secure their cloud environments without interrupting their workflow. It’s a great example of how thoughtful integrations can help shift security left, without adding friction.”

1. Elevating Security From IDE Scanning to Code-to-Cloud Protection

The Wiz plugin for JetBrains IDEs represents a significant evolution beyond traditional security scanners, which typically operate in isolation from the live cloud environment and provide feedback late in the development cycle. Instead of forcing developers to wait for CI/CD builds or navigate separate security dashboards, this tool delivers real-time, contextual feedback directly within the IDE. This immediate feedback loop is powered by Wiz Code, a technology that extends the platform’s cloud-first security intelligence into the pre-production stages of development. Its core strength lies in its ability to connect findings identified in local code to the actual running cloud environment. This capability allows the plugin to prioritize alerts based on genuine risk factors such as public exposure, network reachability, and assigned permissions. By highlighting the issues that truly pose a threat, it cuts through the noise of conventional static analysis tools and empowers developers to focus on what matters most, effectively bridging the gap between abstract code vulnerabilities and tangible cloud risks.

This integration goes beyond simple code analysis by embedding a comprehensive, cloud-aware security framework directly into the developer’s primary workspace. A key advantage is its use of the Wiz Security Graph to provide code-to-cloud context, which can instantly identify, for instance, a hardcoded secret that corresponds to a high-privilege Identity and Access Management (IAM) role in the production environment. This direct line of sight into potential impact is invaluable. Furthermore, the plugin ensures a seamless workflow by making security an intrinsic part of the coding process rather than an external checkpoint. Organizational security policies enforced in production are the same ones applied within the IDE, establishing a unified standard that eliminates guesswork and reduces the likelihood of policy-related failures later in the pipeline. To accelerate remediation, the plugin also provides actionable, one-click fixes for complex cloud risks, allowing developers to resolve sophisticated security issues with minimal disruption and maintain development velocity.

2. Writing Secure Code With Instant Feedback and Simple Fixes

By integrating directly into the JetBrains environment, the Wiz plugin transforms the IDE into a proactive security partner that actively assists developers in writing secure code from the outset. With every file save, the plugin automatically initiates a scan of both application code and Infrastructure-as-Code (IaC) files, surfacing potential security flaws in real time. This continuous analysis is designed to catch a wide range of issues early in the development process, from a mistakenly hard-coded secret in a configuration file to a critical misconfiguration in a Terraform or CloudFormation template that could lead to a security breach in production. For more targeted analysis, developers also have the option to run scans on demand. All findings are consolidated and presented directly within the IDE’s Activity Bar, where they are accompanied by clear explanations, severity ratings, and precise code locations, providing developers with all the information they need to understand and address the identified risks without leaving their coding environment.

The focus on an uninterrupted developer experience is further demonstrated by the plugin’s streamlined remediation capabilities. For many of the issues it identifies, the tool offers inline, one-click remediation suggestions, making the process of fixing vulnerabilities and misconfigurations remarkably straightforward. When a developer applies a suggested fix and saves the file, Wiz automatically rescans the code to validate that the change has effectively resolved the issue. This immediate validation loop provides developers with the confidence that their corrections are effective and compliant with organizational security standards. By embedding both detection and remediation so deeply into the natural workflow of writing and saving code, the plugin helps developers resolve security findings quickly and efficiently. This approach not only prevents security issues from accumulating but also fosters a culture where security is viewed as an integral component of software quality rather than a separate, cumbersome task to be addressed later.

3. Finding Malicious Packages Before They Enter the Repository

In an era of increasingly sophisticated supply-chain attacks, security measures that only trigger during the CI/CD pipeline are no longer sufficient. Recognizing this, the Wiz plugin proactively detects malicious packages and high-risk dependencies at the earliest possible stage—as they are being added to a project on a developer’s local machine. This “shift-left” approach to dependency management is crucial for stopping threats before they are ever committed to a version control system, pushed to a shared repository, or deployed into a build environment. By identifying these risks at the source, the plugin effectively prevents malicious code from propagating through the development lifecycle, thereby protecting the entire software supply chain from contamination. This preemptive capability ensures that potentially compromised dependencies are flagged and addressed long before they have the chance to disrupt the CI/CD pipeline or, worse, become embedded in a production application where they can be exploited by attackers.

The plugin’s effectiveness in this area is amplified by its ability to correlate package intelligence with real-world cloud and runtime context. It moves beyond simply flagging a dependency as risky; it provides developers with a clear understanding of why it matters in their specific environment. For example, the tool can highlight whether a particular package is known to introduce a backdoor, leak sensitive credentials, or significantly expand the attack surface of a critical production service. This contextual insight allows developers to make informed decisions about the dependencies they choose to incorporate into their projects. It helps them differentiate between a low-risk vulnerability in an internal-facing tool and a critical flaw in a publicly exposed microservice. By arming developers with this crucial context directly on their machines, the plugin ensures that risky packages are caught and mitigated at the most opportune moment—when code is being written.

4. Maintaining Consistent Security Rules From the IDE to Production

A common source of friction between development and security teams arises from a disconnect in policy enforcement, where code that passes local checks is later flagged for issues during CI/CD or pre-deployment scans. The Wiz plugin for JetBrains addresses this challenge by ensuring that the same security policies enforced in production and CI/CD environments are applied directly within the IDE. This alignment creates a single, consistent standard for security across the entire development lifecycle. When a developer opens a project, the plugin automatically detects the active repository and applies the corresponding set of organizational security standards as code is being written. This proactive enforcement means that security is no longer a moving target; developers are aware of and can adhere to the required security posture from the very first line of code, significantly reducing the chances of encountering policy-related surprises later in the development process.

This unified approach to policy enforcement fundamentally shifts security from a reactive, late-stage gate to a proactive, integrated component of the development workflow. By moving enforcement to the earliest point in the lifecycle, organizations can dramatically reduce noise, minimize the need for costly rework, and streamline the path to production. When developers can ship code with the confidence that it already meets the security team’s stringent requirements, it fosters a more collaborative and efficient relationship between the two teams. This consistency ensures that the security feedback developers receive in their IDE is directly relevant and actionable, as it reflects the same criteria that will be used to evaluate their code in subsequent stages. Ultimately, this leads to a more secure and efficient development process, where teams can build and deploy applications with greater speed and confidence, knowing that security has been built in from the start.

5. A New Paradigm in Developer-Centric Security

The integration of real-time cloud insights with code scanning directly within the IDE marked a significant step forward in making security an organic part of the development process. By surfacing misconfigurations, vulnerabilities, and risky dependencies prioritized by their actual impact on the live cloud environment, the plugin provided developers with the same contextual intelligence that security teams used in production. This alignment of perspective and tooling empowered developers to address the most critical risks from the very first line of code. Organizations that adopted this technology were able to bridge the long-standing gap between development and security, fostering a more collaborative and efficient workflow. The path forward was clear for joint customers, who could follow the guidance in the Wiz Docs to install the JetBrains IDE plugin and begin tracking its adoption across their development teams, effectively embedding cloud-native security into the heart of their software creation process.
