Awesome
intellij-code-audit
IndelliJ IDEA code analysis policies for use in security auditing. Likely not valid anymore but the idea of IntelliJ IDEA as poor man's [overpriced snakeoil static analyzer] is still valid.
More details at http://www.surrendercontrol.com/2012/11/starting-java-code-audits-with-intellij.html