Consuming SAST results
In this section, we will look at how to consume SAST results.
SAST results appear in two sections: a Vulnerabilities section and a Code Viewer section.
The Vulnerabilities section displays a list of vulnerabilities found during the last SAST scan.
In this section, you can group and filter the vulnerabilities found.
The Code Viewer section allows you to view a specific source code vulnerability, including its detailed information.
Grouping and filtering SAST results
The SAST results window displays all the vulnerabilities found for a specific scan.
These vulnerabilities can be grouped and filtered according to your needs.
The goal is to make it easier for engineers responsible for reviewing and remediating code to organize results found by the SAST scanner.
In this video, we guide you through the process of grouping and filtering SAST results.
For more details and instructions, please see the following articles.
Using the code viewer to review SAST results
After selecting vulnerabilities from the results list, you can open the code viewer to get more details. The code viewer section allows you to view a specific source code vulnerability, including its detailed information. It helps the engineers responsible for reviewing vulnerabilities see the risks those vulnerabilities may bring to the project and application, and decide whether they should be remediated. The developers responsible for remediating the findings can use the information shown in the code viewer, together with our recommendations, to work on the fixes needed to improve the code from a security perspective.
This video will show you how to use the code viewer and its features.
For more details and instructions, please see the following articles.