Login
    Contents x
    Checkmarx SAST
    • 30 Nov 2023
    • 1 Minute to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Checkmarx SAST

    • Updated on 30 Nov 2023
    • 1 Minute to read
    • Print
    • Dark
      Light
    • PDF
    Article Summary

    Checkmarx SAST (CxSAST) is a static application security testing solution used to identify security vulnerabilities in custom code. It is used by development, DevOps, and security teams to scan source code early in the SDLC, identify vulnerabilities, and provide actionable insights to remediate them.

    Types of Assets Fetched

    This adapter fetches the following types of assets:

    • Devices

    Parameters

    1. Host Name or IP Address (required) - The hostname or IP address of the Checkmarx SAST server.

    2. User Name and Password (required) - The credentials for a user account that has the Required Permissions to fetch assets.

    3. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

    4. HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

    5. HTTPS Proxy User Name (optional) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.

    6. HTTPS Proxy Password (optional) - The password to use when connecting to the server using the HTTPS Proxy.

    To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

    image.png

    Advanced Settings

    Note:

    Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

    1. Fetch projects as assets - Select this option to ingest Checkmarx projects as Device Entities.

    2. Fetch engine servers as assets - Select this option to ingest "Engine Servers" as Devices.

    3. Last scan to include in project - Specify the number of past scans to include in each project. (Default is 1: only the most recent).

    4. Include only active users - Select this option to only fetch active users.

    Note:

    To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.

    APIs

    Axonius uses the Checkmarx CxSAST (REST) API.

    Required Permissions

    The value supplied in User Name must have SAST Admin role.

    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout