Skip to main content

Viewing Results

Checkmarx One shows data for all the environments in your tenant account as defined in Access Control. The Environments page (Applications and Projects Environment tab) shows a table listing all of your environments.

You can also drill down to view the Environments page for an individual environment, which shows information about the scans currently running or that have finished. You can drill down further to view the All risks view, which shows detailed information about each risk identified in the last scan.

Viewing DAST Results in the Risks Table

Access DAST Results

Note

Please see here for details on triaging your DAST results.

To access the results in the Environment table, hover over the intended line and select View.

6790251153.png

All Risks

The All Risk table displays the list of risks found during the last DAST scan of the environment.

The scan results data is from a single DAST scan.

6790251147.png

Filtering Risks

The risk list supports filtering options by any column.

Filtering supports applying several filters simultaneously (with an AND condition between the filtering options).

The following filtering columns are optional:

  • Severity

  • Status

  • Risk Name

  • URL

  • Path

  • Method

6790251144.png
6790251141.png
6790251138.png

Accessing Risk Details

To access the risk details, click on the row for the risk you need details on. A new window will open, presenting a brief description of the risk and its resolution.

6790251135.png

To access more information regarding the risks:

1. Click on the Severity button.

6790251132.png

The following additional fields are displayed:

  • State

  • Risk level

  • Confidence

  • Method

  • Param

  • URI

  • Evidence

  • Attack

6790251120.png

2. In the Description pane, click View More to display a full explanation of the risk.

6790251129.png
6790251111.png

3. In the Resolution pane, click View More to display a full explanation of how to resolve the risk.

6790251126.png

4. Click View Findings to open a side panel with the following information:

  • Risk Level

  • Risk State

  • Request Headers

  • Response Body and Headers

6790251123.png
6790251105.png

Site Tree View Tab

The Site Tree visually maps your application's structures and scanned paths. It helps you see the hierarchy of URLs and their scans to understand which parts of the web application were scanned and how they are organized. A new Site Tree is created for each successful scan and appears in the Site Tree tab, separate from the Results Table.

The Site Tree is displayed in a resizable panel, enabling you to adjust the view according to your preference or screen size. Any paths where vulnerabilities are detected are visually marked with severity indicators.

Clicking on a path in the Sites Tree reveals detailed information about that node.

Scan History

The Scan History tab provides access to the results of all successful scans. Similar to adjusting results on the Results Table, you can adjust the severity or status of results in Scan History, and any changes will automatically affect other related scans.

image-20250122-110944.png

After completing a scan, the latest results are displayed in the Results Table, while previous results are moved to and can be viewed in the Scan History tab. No specific role is required to access scan history, and you can access it through the Environment by selecting View on a scan with results. This opens the environment's scan results page, where you can access Scan History via the top-right menu.

image-20250121-130901.png
In this section: