Checkmarx SAST

Checkmarx SAST (CxSAST) is a static application security testing solution used to identify security vulnerabilities in custom code. It is used by development, DevOps, and security teams to scan source code early in the SDLC, identify vulnerabilities, and provide actionable insights to remediate them.

Types of Assets Fetched

This adapter fetches the following types of assets:

• Devices
  
  

Parameters

1. Host Name or IP Address (required) - The hostname or IP address of the Checkmarx SAST server.
2. User Name and Password (required) - The credentials for a user account that has the permissions to fetch assets.
3. Verify SSL (required, default: False) - Verify the SSL certificate offered by the value supplied in Host Name or IP Address. For more details, see SSL Trust & CA Settings.
   • If enabled, the SSL certificate offered by the value supplied in Host Name or IP Address will be verified against the CA database inside of Axonius. If the SSL certificate can not be validated against the CA database inside of Axonius, the connection will fail with an error.
   • If disabled, the SSL certificate offered by the value supplied in Host Name or IP Address will not be verified against the CA database inside of Axonius.
4. HTTPS Proxy (optional, default: empty) - A proxy to use when connecting to the value supplied in Host Name or IP Address.
   • If supplied, Axonius will utilize the proxy when connecting to the value supplied in Host Name or IP Address.
   • If not supplied, Axonius will connect directly to the value supplied in Host Name or IP Address.
5. HTTPS Proxy User Name (optional, default: empty) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.
   • If supplied, Axonius will authenticate with this value when connecting to the value supplied in HTTPS Proxy.
   • If not supplied, Axonius will not perform authentication when connecting to the value supplied in HTTPS Proxy.
6. HTTPS Proxy Password (optional, default: empty) - The password to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.
   • If supplied, Axonius will authenticate with this value when connecting to the value supplied in HTTPS Proxy.
   • If not supplied, Axonius will not perform authentication when connecting to the value supplied in HTTPS Proxy.
7. For details on the common adapter connection parameters and buttons, see Adding a New Adapter Connection.
   
   

APIs

Axonius uses the Checkmarx CxSAST (REST) API.