Version 3.3

Multi-Tenant version released on: December 17, 2023

Single-Tenant version released on: January 5, 2024

New features and enhancements

Analytics module

The Analytics module is a tool for executives and AppSec administrators, providing them with valuable insights into their data in Checkmarx One. With the ability to switch between Totals and Over Time modes, users can obtain a clear understanding of their application security landscape. Whether analyzing Scans or Vulnerabilities, this module offers various informative charts for better decision-making.

To help you with data analysis, the module also features a flexible tag filtering system.

The Analytics module is a user-friendly tool for making informed decisions, enhancing security practices, and optimizing your organization's application security posture.

For more information, please refer to Analytics.

Support for transferred projects in Code Repository

The Code Repository integration now supports both newly created projects and the transferred ones.

Group Manager role

This release introduces the redesigned Group Manager position whose permissions are defined in the internal Keycloak system.

Group Managers can be appointed or removed only by users with the manage-groups role. A user does not need to be a member of the group to be appointed as its Manager. When appointed as a Group Manager, the user automatically becomes the Group Manager for all subgroups down to the lowest levels of the group hierarchy.

Within the group under their management, a Group Manager can only add or remove users.

These refinements offer a more precise and granular approach to group management, allowing users to perform administrative tasks only within the assigned group and its subgroups, rather than across the entire group structure.

API service for querying new Data store

  • Improved Performance: Experience faster data processing and smoother interactions, thanks to our new infrastructure.

  • Scan Usage Metrics: Gain insights into your scan activities with detailed usage statistics.

  • Vulnerability Summaries: Stay informed with comprehensive summaries of vulnerabilities detected in your systems.

Merge Request decoration

GitLab CI/CD users can now see actionable scan results not only within the Pipelines or CI/CD output, but also during a Merge Request.

The Merge Request comments now include a list of newly introduced vulnerabilities resulting from the code changes, as well as a compilation of vulnerabilities that have been addressed by the modifications.

Base Preset

The Base Preset has been added to Checkmarx One. It boosts scanning efficiency, prioritizing the swift retrieval of results with pertinent and impactful vulnerabilities. The preset can be used as a starting point and customized to meet your specific requirements.

Resolved issues

  • A wrong flow was applied when switching between results.

  • Null pointer exception occurred when there was no Repo ID.

  • Jira Integration attempted to close tickets that were already closed.

  • It was not possible to open the Edit Panel for the Feedback App.

  • The content for cveName and cweId attributes in the api/results endpoint for SCA findings was reversed.

  • Specific packages did not get waived through the API.

  • MFE was failing in the Single Tenant environment.

  • Search function in a project’s Scan History did not work properly.

  • ADO Checkmarx One printout for pipelines was not displayed correctly if the policy was violated.

  • Updating a project name and designating the main branch as Primary via the API reset the tags and criticality level.

  • Some vulnerabilities were duplicated when exported from SAST to Checkmarx One.

  • The results-overview endpoint did not accept comma-separated multiple project IDs.

  • Pushing code to a branch directly did not trigger a scan.

SCA Updates

SCA Resolver Version 2.5.15

We released a new version of SCA Resolver with the following improvements:

  • For Gradle, the processing of wildcards on Gradle multi-module scans has been improved.

  • For Python, pip is no longer presented as a dependency for all Python projects.

Download the new version here.

CLI and Plugins Releases of December 2023

CLI Version 2.0.63

| Status  | Item           | Description                                                                                 |
|---------|----------------|---------------------------------------------------------------------------------------------|
| UPDATED | Summary HTML   | Made the summary HTML report responsive in order to improve display on narrow screens.      |
| FIXED   | gl-sast report | Fixed problem with the link to view reports for the recently added gl-sast report format.   |
| FIXED   | resultjson     | Fixed problem that resultsJson report was always showing total count as zero.               |

CI/CD Plugins

In December we released the following CI/CD plugin versions.

  • Azure DevOps - 2.0.29 (uses CLI v2.0.63)

Improvements and Bug Fixes

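| Status | Item            | Platform     | Description                           |
|--------|-----------------|--------------|---------------------------------------|
| FIXED  | Risk management | Azure DevOps | Fixed issue with SCA risk management. |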