
Multi-Tenant (February 2023)

New features and improvements

Status

Description

Version 2.80.02 (Released on February 26, 2023)

NEW

The SAST engine version in Checkmarx One has been upgraded to 9.5.3. For details, please refer to Release Notes for Engine Pack 9.5.3.

NEW

This version introduces Policy Management, the ability to define, manage, and track your organization’s security policies. The detailed description of this feature is available at Overview.

NEW

Users can now compare any two scans from the same project that were run with the SAST engine. The comparison shows which results were fixed, which are new, and which recur in both scans. For better visibility, the scans are shown in side-by-side screens.

NEW

Checkmarx One now allows scanning repositories that contain up to 9.5M lines of code and retrieving scan results within a reasonable time.

Version 2.79.10 (Released on February 12, 2023)

NEW

Users can now choose which engine scan results should be reflected through the feedback app. For example, they can specify that only the SAST engine results will create tickets in Jira.

NEW

The repository coverage widget has been upgraded to be compatible with the new widget that includes GitHub and GitLab. You can now click on the widget to add more repositories and improve your coverage.

NEW

Checkmarx One now allows AppSec engineers to easily monitor the percentage of source repositories in their organization’s GitLab covered by scanning. GitLab is now added to the Code repository Coverage widget alongside GitHub coverage, which was released in an earlier version.

Note

This update is available for SCM admin users only due to their exposure to all the repositories in the organization. Other users will see the NONE value with a tooltip that explains why they cannot see that information.

NEW

Users can now scan code locally with the SCA engine through the IDE, instead of sending it to Checkmarx One for scanning and then receiving the results. This is a free feature, which allows users to run more SCA scans and exposes our product to non-Checkmarx One users.

CLI and Plugins Release of February 2023

Version 2.0.42

Status

Item

Description

NEW

PDF report options

  • Added additional options for PDF format reports. When running the results show command or the scan create command with --report-format set to pdf, you can now:

    • Add the --report-pdf-email flag to specify email recipients.

    • Add the --report-pdf-options flag to specify which sections to include in the report. Options are: Iac-Security, Sast, Sca, ScanSummary, ExecutiveSummary, ScanResults.

NEW

Report formats

Added option to generate reports in markdown format using the --report-format flag.

NEW

SCA Realtime

Added the --sca-realtime command, which enables running an SCA scan on the contents of a folder. The SCA realtime scan is similar to the KICS realtime scan in that it is a free tool which does not require a Checkmarx account. The results are returned in the response body as a JSON object.

  • Tip

    Even for users with a Checkmarx account, the realtime scan results are not synced with the user's Checkmarx account.

CI/CD Plugins

In February we released the following CI/CD plugin versions.

  • Jenkins Plugin - 2.0.11-409.vddc0ca_56ce70 (uses CLI v2.0.39)

  • GitHub Actions Plugin - 2.0.17 (uses CLI v2.0.42)

  • TeamCity Plugin - 2.0.16 (uses CLI v2.0.42)

  • Azure DevOps - 2.0.20 (uses CLI v2.0.42)

Improvements and Bug Fixes

Status

Item

Platform

Description

NEW

PDF report format

TeamCity, Azure DevOps (already exists for GitHub Actions)

Added option to generate reports in PDF format.

NEW

PDF options

GitHub Actions, TeamCity, Azure DevOps

  • Added option to generate reports in PDF format by setting --report-format to pdf. For PDF format reports, you can add the following additional flags:

    • Add the --report-pdf-email flag to specify email recipients.

    • Add the --report-pdf-options flag to specify which sections to include in the report. Options are: Iac-Security, Sast, Sca, ScanSummary, ExecutiveSummary, ScanResults.

UPDATED

Product name

TeamCity

All references to AST have been changed to use the new product name "Checkmarx One".

IDE Plugins

In February we released the following IDE plugin version:

  • Visual Studio Extension - 2.0.9 (uses CLI v2.0.41)

Improvements and Bug Fixes

Status

Item

Platform

Description

UPDATED

Product name

Visual Studio

All references to AST have been changed to use the new product name "Checkmarx One".

FIXED

Attack vector

Visual Studio

Fixed problem with automatically opening the relevant files when clicking on an attack vector.
