Guard

Getting Started with AIVory

This guide will walk you through setting up AIVory, running your first compliance scan, and understanding the results.

  • Create your account - Register at app.aivory.net and authenticate the plugin
  • Configure standards - Choose which compliance frameworks to enforce (OWASP, GDPR, HIPAA, etc.)
  • Run your first scan - Scan your project from the Tools menu, Dashboard, or right-click menu
  • Fix violations - Review issues by severity and apply recommended fixes
  • Monitor compliance - Track your compliance score and trends over time

Prerequisites

Before you begin, ensure you have completed these steps:

Plugin Installed
Install the AIVory plugin from the JetBrains Marketplace
IDE Restarted
Restart your IDE after installation to activate the plugin
Internet Connection
An active connection is required for authentication and scanning

Step 1: Create Your Account

When you first launch the plugin, you’ll see the AIVory welcome screen.

Creating a New Account

  1. Click “Create Account” - The plugin will open app.aivory.net in your browser. Fill out the registration form with your details.

  2. Choose Your Plan - Select the tier that fits your needs:

Free Tier
Limited scans per month, perfect for trying AIVory
Professional Popular
Unlimited scans with advanced features
Enterprise Premium
Custom rules, team management, and SSO
  1. Verify Your Email - Check your inbox for a verification email and click the verification link to activate your account.

  2. Return to IDE - Once verified, return to your IDE and the plugin will automatically authenticate.

Note Already have an account? Click “Log In” instead, enter your credentials in the browser, and authorize the plugin. You’ll see your account status in the IDE status bar.

Step 2: Initial Configuration

After authentication, configure your compliance preferences.

Select Compliance Standards

Choose which standards to enforce for your project:

OWASP Top 10 Recommended
Essential security checks for all projects
GDPR
For projects handling EU personal data
HIPAA
For healthcare applications
PCI-DSS
For payment processing systems
SOC 2
For enterprise SaaS applications
ISO 27001
For information security management
Note You can enable or disable standards at any time in Settings. Start with OWASP Top 10 if you’re unsure which standards apply to your project.

Configure Scan Settings

  • Background Scanning: Automatically scan as you code (recommended)
  • Scan Interval: How often to run automatic scans (default: 30 minutes)
  • Resource Folders: Plugin automatically detects these

Step 3: Run Your First Scan

Let’s run a compliance scan on your project. Choose your preferred method:

Tools Menu
Go to Tools > AIVory > Run Compliance Scan
Dashboard
Open the AIVory Dashboard (bottom tool window) and click Scan Project
Right-Click Menu
Right-click any file or folder and select AIVory > Scan for Compliance Issues
Note Use the right-click menu to scan specific files or folders when you want quick, targeted results.
What Gets Scanned?

AIVory automatically scans:

  • All source code files in supported languages
  • Resource folders (automatically detected)
  • Configuration files (.env, config files)
  • Documentation containing code snippets

Step 4: Understanding Scan Results

After the scan completes, you’ll see results in multiple places.

In the AIVory Dashboard

The dashboard displays:

  • Compliance Score: Overall project health (0-100)
  • Total Violations: Count by severity
  • Recent Scans: History of scan results
  • Top Issues: Most common violations

Violation Severity Levels

AIVory classifies violations by severity:

Critical
Security vulnerabilities that must be fixed immediately (e.g., SQL injection, hardcoded credentials)
Major
Compliance violations that should be fixed (e.g., GDPR data exposure, missing encryption)
Minor
Best practice issues (e.g., weak password validation, logging concerns)
Info
Suggestions for improvement (e.g., code optimization, documentation)

Step 5: Fixing Violations

For violations requiring judgment:

  1. Read the violation description
  2. Click “Learn More” for detailed guidance
  3. Implement the recommended solution
  4. Re-scan to verify the fix
Note Start with Critical violations first. These represent the highest security risk to your application.

Step 6: Monitoring Compliance

Keep your project compliant over time.

Automatic Background Scanning

With background scanning enabled:

  • AIVory scans your project periodically
  • New violations appear as you code
  • Dashboard updates in real-time

The dashboard shows:

  • Compliance Score Over Time: Track your progress
  • Violation Trends: See if issues are increasing or decreasing
  • Standard Breakdown: Which standards have the most violations
Success Team Compliance: On a team plan, view team-wide compliance metrics at app.aivory.net, see who introduced violations, and track team compliance score.

Common First-Time Scenarios

Scenario: Lots of Violations

Don’t panic! This is normal for legacy projects, first-time scans, or projects not previously scanned for compliance.

What to do:

  1. Start with Critical violations only
  2. Use the dashboard to filter by severity
  3. Fix high-priority issues first
  4. Gradually work through the list
Scenario: No Violations Found

This could mean:

  • Your project is already compliant
  • No resource folders detected
  • Supported file types not found

What to check:

  • Verify your project has source code files
  • Check that standards are enabled in settings
  • Ensure resource folders are properly detected
Scenario: Authentication Issues

If you can’t log in:

  1. Check internet connectivity
  2. Verify app.aivory.net is accessible
  3. Try the “Reset Authentication” option: Tools > AIVory > Reset AIVory Authentication
  4. Contact support if issues persist

Best Practices

New Projects
Enable AIVory from day one, fix violations as they appear, and use automatic background scanning
Existing Projects
Run an initial scan to establish baseline, prioritize Critical/Major violations, and schedule remediation sprints

Troubleshooting

Plugin Not Scanning

Issue: Click “Scan Project” but nothing happens

Solutions:

  • Check authentication status in the status bar
  • Verify you have an active subscription
  • Check IDE logs: Help > Show Log
  • Try Tools > AIVory > Force Rescan
Slow IDE Performance

Issue: IDE becomes sluggish with AIVory enabled

Solutions:

  • Disable background scanning: Settings > Tools > AIVory > Background Scanning
  • Increase scan interval to 60+ minutes
  • Exclude large directories from scanning
  • Increase IDE memory: Help > Edit Custom VM Options then add -Xmx4096m
Violations Not Showing in Code

Issue: Dashboard shows violations but nothing appears in editor

Solutions:

  • Enable code inspections: Settings > Editor > Inspections > AIVory Compliance
  • Check that the file type is supported
  • Try reopening the file
  • Restart the IDE

Next Steps


Getting Help