
Data Transformation for Integration

After you identify the data you want to import, the data is retrieved from the Checkmarx application, processed through a set of data sources, and transformed in your instance.

Checkmarx Application Vulnerable Item Integration

The data from the API is first loaded into the Checkmarx AppVul Item Import [x_chec3_cxsast_checkmarx_appvul_item_import] table, and the Checkmarx AppVul Item Transform is used to transform the imported information. To access this transform map, navigate to System Import Sets > Transform Maps and search for Checkmarx AppVul Item Transform. The following tables list the transform map fields by integration.

Note

Transform data for Checkmarx Application List Integration, Checkmarx Scan Summary Integration, Checkmarx SCA Application List Integration, Checkmarx SCA Scan Summary Integration, and Checkmarx SCA Application Vulnerable Item Integration in the same way as for Checkmarx Application Vulnerable Item Integration.

Table 1. CheckmarxOne App List transform map fields:

| Source Field (from CxSAST) | Target Field (from SNOW) | Description |
| --- | --- | --- |
| app_id | Source Application ID | Project Id |
| app_name | Application name | Project name |
| Team_id + Team_name | Source-assigned teams | Team ID and team name of the project. |
| businessApplication | Business Application | Custom Fields with Business Application keyword present in CxSAST for the given project |
| Custom_fields | Source additional info | Custom Fields present in CxSAST for the given project |
| Created_at | Description | Project Creation date for CxSCA. |

Table 2. Checkmarx Scan Summary transform map fields:

| Source Field (from CxOne) | Target Field (from SNOW) | Description |
| --- | --- | --- |
| app_name | Discovered Applications | Project Name. |
| scan_id | Source scan ID | Scan ID of the project. |
| scan_id + last_scan_date | Scan summary name | Scan summary with scan ID and last scan date. |
| total_no_flaws | Detected Flaw Count | Total number of vulnerabilities |
| loc | Static scan size | Number of lines of code present |
| Last Scan Date | Last Scan Date | Last Scan Date |
| Scan rating | Last scan rating | Scan rating |

Table 3. CheckmarxOne AppVul Item transform map fields:

| Source Field (from CxOne) | Target Field (from SNOW) | Description |
| --- | --- | --- |
| app_name | Discovered Applications | Project name |
| scanId + last_scan_date | Scan Summary | Scan ID and last scan date. |
| business_application | business application | Custom Fields with Business Application keyword present in CxSAST for the given project |
| vul_state | Source finding status | State of Vulnerability like To Verify, Accepted, Confirmed, Not Exploitable, etc. |
| Severity | Source severity | Severity of Vulnerability High, Medium, Low, Info |
| SCA: Description; SAST: Snippet Info(Line,Code,FileName) | Description | SCA: description; SAST: All Path Nodes info including Line no, Code, and File name |
| categories | Vulnerability summary | SAST: Categories description; SCA: Vulnerability description |
| last_scan_date | Last found | Last scan where vulnerabilities are found |
| Remediation status / riskState/riskStatus | Source remediation status | Status of Vulnerability New, Recurrent, and Resolved |
| detectionDate | First found | First scan where vulnerabilities are found |
| Line | Line number | The line on which the flaw is found. |
| Remark | Source notes | Comments |
| fileName | Location | The location where the flaw is found is mapped. |
| DeepLink | Source link | The URL to access vulnerability details in CxSAST is mapped to source_link. |
| source_entry_id | Vulnerability | Source entry ID |
| category_name | Source additional info | Category Name |
| destinationNodeStr | Vulnerable method info | Destination Path Nodes and snippet info including Line no, Code, Column, node ID, File name |
| pathHash | Source response | Hash value of all Path Nodes info |
| similarityId | Source request | Similarity Id |
| similarityId + pathHash | Source AVIT ID | SAST: similarityId + pathHash; SCA: CVE ID + package_unique_id |
| Scan_type | Scan type | SAST: Static; SCA: SCA |
| package_name / package_unique_id | Package | SCA: Package name/ Package ID for CxSCA |
| Exploitable path | Source Notes | SCA: Exploitable path details (File name, Line no, Exploitable path method) |
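The following added example (not Checkmarx or ServiceNow code) audits a batch of import rows before transformation: it builds the Source AVIT ID from the parts Table 3 lists for each scan type and reports rows that cannot be keyed or that share a key. The helper names, the `cve_id` field name, the `:` separator, and the sample rows are assumptions made for illustration.

```javascript
// Added example; helper names, cve_id and the ':' separator are assumptions.
const SEP = ':'; // explicit separator so '12'+'3' and '1'+'23' cannot yield the same key

// Table 4: scan type SAST and IaC map to 'Static', SCA maps to 'SCA'.
function targetScanType(row) {
  return row.scan_type === 'SCA' ? 'SCA' : 'Static';
}

// Table 3: Source AVIT ID is similarityId + pathHash (SAST) or CVE ID + package_unique_id (SCA).
// Returns null when a part is missing or the page does not define the key for that scan type.
function sourceAvitId(row) {
  let parts;
  if (row.scan_type === 'SCA') parts = [row.cve_id, row.package_unique_id];
  else if (row.scan_type === 'SAST') parts = [row.similarityId, row.pathHash];
  else return null;
  const blank = (p) => p === undefined || p === null || String(p).trim() === '';
  return parts.some(blank) ? null : parts.map(String).join(SEP);
}

// Walk an import set and report rows that cannot be keyed or that share a key.
function auditImport(rows) {
  const firstSeen = new Map();
  const report = { distinct: 0, missingKey: [], sharedKey: [] };
  rows.forEach((row, i) => {
    const id = sourceAvitId(row);
    if (id === null) { report.missingKey.push(i); return; }
    if (firstSeen.has(id)) { report.sharedKey.push([firstSeen.get(id), i]); return; }
    firstSeen.set(id, i);
    report.distinct += 1;
  });
  return report;
}

// Constructed sample rows (not real scan output); the CVE value is a placeholder.
const sampleRows = [
  { scan_type: 'SAST', similarityId: '-1204587', pathHash: 'a1b2c3' },
  { scan_type: 'SAST', similarityId: '-1204587', pathHash: 'a1b2c3' }, // same key as row 0
  { scan_type: 'SAST', similarityId: '-1204587', pathHash: 'd4e5f6' }, // same similarityId, different pathHash
  { scan_type: 'SAST', similarityId: '998', pathHash: '' },            // no pathHash
  { scan_type: 'SCA', cve_id: 'CVE-0000-00000', package_unique_id: 'npm-example-1.0.0' },
];

console.log(auditImport(sampleRows));
```

Rows listed under `missingKey` are worth checking in the import table before relying on the resulting vulnerable item counts.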

Table 4. Application Vulnerability Entries Item transform map fields:

| Source Field (from CxSAST) | Target Field (from SNOW) | Description |
| --- | --- | --- |
| category_name | Category name | Category name of vulnerability |
| scan_type | Scan type | For scan type SAST and IaC, it is 'Static', and for SCA, it is 'SCA' |
| source_severity | Source Severity | Severity information of vulnerability in Numeric value |
| cvssScore | CVSS Base Score | For scan type 'SCA' cvssScore is mapped |
| cvssVector | CVSS Vector | For scan type 'SCA' attack Vector is mapped |
| first_found_date | First detection date | The date and time this result was found in the tenant |
| Owasptop10 | OWASP | OwaspTop10 information |
| cwe_id | CWE entry | CWE-ID |
| category_group | Category Group | Category Group |
| SANSTop25 | Short description | SANSTop25 information |
| query_id CWE-cweID | Source Entry ID | Source Entry ID for SAST Scanner |
| Checkmarx -id | Source Entry ID | Source Entry ID for SCA Scanner |
| cweId, queryName | CWE entry | List contains cweID and query |

Checkmarx Transform Map Script Timing and Purpose

The following transform scripts are run during the transformation process.

| When the script is run | Purpose |
| --- | --- |
| onComplete (when an import set has completed transformation) | The script processes the data source and updates the count of AVITs created, updated, or unchanged, as well as those imported as part of this integration. This script is for internal use and should not be modified or deleted. |

Viewing Checkmarx Vulnerability Integration Import

  1. To check the data for the Checkmarx Application List Integration or Application Releases table, search sn_vul_app_release_list.do in Navigation.

  2. To check data for Checkmarx Scan Summary Integration or Application Vulnerability Scan Summaries, search sn_vul_app_vul_scan_summary_list.do in Navigation.

  3. To check data on Checkmarx Application Vulnerable Item Integration or Application Vulnerable Item, search sn_vul_app_vulnerable_item_list.do in Navigation. Search sn_vul_app_vul_entry_list.do in Navigation to view Application Vulnerable Entries.
