Add Secure Source Code Analysis inside your build process
This extension is now unpublished from Marketplace. You can choose to uninstall it.
Overview
Checkmarx is a powerful single unified security solution for Static Source Code Analysis (SAST), dependency scanning (SCA), KICS and container scanning analysis, designed for identifying, tracking and fixing technical and logical security flaws.
Checkmarx integrates seamlessly into Microsoft's Software Development Life Cycle (SDLC), enabling the early detection and mitigation of crucial security flaws.
Checkmarx provides the following key benefits:
Scan source code
Integrates smoothly within the SDLC to provide detailed, near real-time feedback on the security state of your code
Best fix location
Highlights the best place to fix your code
Quick and accurate scanning
Reduce false positives, adapt the rule set to minimize them further, and understand the root cause of each result
Incremental scanning
Test only the parts of the code that have changed since the last check-in, reducing scanning time by more than 80%. This makes it practical to place a security gate inside your continuous integration pipeline
Seamless integration
Works with all IDEs, build management servers, bug tracking tools and source repositories
Protect Your Full Code Portfolio (Open Source and In-house Source Code)
By analyzing open source libraries, making sure licenses are honored and weeding out any open source components that expose the application to known vulnerabilities, the Checkmarx Open Source solution provides complete code portfolio coverage under a single unified solution, with no extra installations or administration required.
Easy to initiate Open Source Analysis
Enhancing your code portfolio risk assessment coverage is merely a few mouse clicks away. With Checkmarx's Open Source Analysis there is no need for additional installations or multiple management interfaces: simply turn it on, and within minutes a detailed report is generated with clear results and detailed mitigation instructions. Analysis results are designed with the developer in mind, so no time is wasted working out the action items required to mitigate a detected security or compliance risk.
Getting Started with Checkmarx:
To complete this step:
From the Build menu in the main screen, add the Checkmarx build step
Click Add to configure Checkmarx and set its properties
Configure Checkmarx Build Step
To complete this step:
Project Name: Enter a new project name or default to $(Build.Repository.Name). The default name will contain the SCM repository name.
Tenant Name: Provide your AST tenant name
Additional Parameters: Provide any additional parameters the scan needs, for example --sast-preset-type "Checkmarx Default"
Configure Checkmarx AST Service Connection Step
To complete this step:
Select the Checkmarx AST Service Connection option to create a new service connection to the AST portal
Server URL: Enter the AST endpoint URL
Checkmarx AST Auth URL: Enter the optional Auth URL
Checkmarx Client ID: Enter the AST OAuth Client ID
Checkmarx Client Secret: Enter the AST OAuth Client Secret
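As an added example, not taken from this listing or from the Checkmarx project, the following azure-pipelines.yml shows how the two configuration steps above map onto a YAML pipeline. The task name Checkmarx AST Scan@2 and the input keys CheckmarxService, projectName, branchName, tenantName and additionalParams are assumed from the plugin's published usage and should be checked against the task assistant in your own Azure DevOps organisation; the service connection name Checkmarx-AST and the tenant name my-tenant are placeholders.

```yaml
# Added example: maps the "Configure Checkmarx Build Step" and
# "Configure Checkmarx AST Service Connection Step" fields onto pipeline YAML.
# Task name and input keys are assumptions (verify in the task assistant);
# 'Checkmarx-AST' and 'my-tenant' are placeholders.
trigger:
  - main

pool:
  vmImage: ubuntu-latest

steps:
  - checkout: self

  # The service connection 'Checkmarx-AST' (assumed name) carries the Server URL,
  # the optional Auth URL, the OAuth Client ID and the Client Secret entered in
  # the service connection step, so no credential is written into this file,
  # into pipeline variables, or into the build log.
  - task: Checkmarx AST Scan@2
    displayName: Checkmarx AST scan
    inputs:
      CheckmarxService: Checkmarx-AST
      # Project Name: defaults to the SCM repository name, as the listing describes
      projectName: $(Build.Repository.Name)
      branchName: $(Build.SourceBranchName)
      # Tenant Name
      tenantName: my-tenant
      # Additional Parameters: the example value given in the listing
      additionalParams: '--sast-preset-type "Checkmarx Default"'
```

Keeping the client secret inside the service connection rather than in Additional Parameters matters because task inputs are echoed into the build log, while a service connection's secret fields are masked and only readable by the agent at run time. Pairing the scan with an incremental preset, as the listing suggests, keeps the step short enough to run on every check-in as a gate.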