Checkmarx is an application security solution that provides tools for static code analysis and open source analysis, integrated into the development process, to identify security vulnerabilities in code. The Digital.ai Release Checkmarx plugin lets you trigger scans in Checkmarx for your application, verify scan results, and check compliance directly from the Digital.ai Release user interface.
Steps
checkmarx.Server: HTTP connection to the Checkmarx server.
checkmarxSCA.Server: HTTP connection to the Checkmarx SCA server.
checkmarx.task: Base task which can be extended by other tasks.
checkmarx.checkCompliance: Check Compliance task type verifies the level of the severity threshold for your project on the Checkmarx server.
checkmarx.checkOsaCompliance: Check Compliance task type verifies the risk levels of the security and license thresholds for your project's open source libraries.
checkmarx.gitScan: Triggers a scan on the Checkmarx server for your project from a specified Git repository.
checkmarx.svnScan: Triggers a scan on the Checkmarx server for your project from a specified SVN repository.
checkmarx.checkScaCompliance: Verifies the risk levels of the security and license thresholds for your project's source code.
checkmarx.CheckmarxSummaryTile: Displays the metrics from Checkmarx about the project configured for a CxSAST scan.
checkmarx.CxosaSummaryTile: Displays the metrics from Checkmarx about the project configured for a CxOSA scan.
Reference Images
Checkmarx CxSCA compliance task
Checkmarx CxOSA compliance task
Checkmarx CxSAST Trigger Git Scan task
CxOSA and CxSAST scan summary tile