Skip to main content

Version 3.8

Multi-Tenant release date: March 10, 2024

New features and enhancements

Using non-Master branch as default repository

When running a scan from the repository source with Save as default repository for the project enabled and a non-"Master" branch selected, the branch automatically reverted to "Master" in subsequent scans, creating inconsistency in configuration maintenance.

To solve this, we added a Branch field in project settings, allowing users to specify the desired branch for scanning, ensuring persistent configuration selection.

Application Risk Management feature

Checkmarx One offers a comprehensive Application Risk Management feature that allows you to prioritize and understand the risks associated with your applications. This centralized tool consolidates results from multiple scanners (currently, SAST and SCA) and provides valuable insights for resource or team managers, especially AppSec teams.

With this feature, you can proactively pinpoint vulnerabilities that require attention and address them before the development process begins.

For detailed information, refer to this page.

IaC Query Editor

Checkmarx Audit complements Checkmarx IaC Security by enabling you to quickly and intuitively customize Iac Security's analysis queries or configure additional queries for security and application logic purposes.

Audit can be used to adapt IaC Security's basic security functionality to non-standard code. This helps eliminate false positives and ensure that all real vulnerabilities are identified. Audit can also expand IaC Security's functionality to include queries supporting specific QA or application logic needs.

For detailed information, refer to this page.

SCA Resolver Version 2.6.7 (Feb 29, 2024)

  • Fixed a critical bug when saving results to a file path that already exists.

Resolved issues

  • SSH scan failed due to the inability to detect the Tenant key.

  • Jenkins plugin version 2.0.11-450.v39e936fcb_0c0 contains critical vulnerabilities.

  • SAML configuration could not be saved after changing the Single Logout Service field.

  • Typographical error found in package usage card.

  • Packages table filters were not functioning correctly.

  • Resolved issue with large requests to vulnerabilities.

  • Checkmarx One Notifications prevented closing the report creation popup.

  • Analytics experienced slowness in displaying vulnerability data.

  • Endpoint /api/inventory returned meaningless HTML content and a (404 Not Found) status.

  • Failed to install Checkmarx One Eclipse plugin version 2.0.8 on IDE version 12-2023.

  • UI truncated Regular Expression when assigning a project to an application on the application page.

  • Error message generation contained sensitive information.

  • Scan Report incorrectly returned the Branch Name.

  • Dependency column filter by DEV did not function.

  • Error occurred while saving a query in Query Editor.

  • Error encountered while generating a report for specific source code.

  • CURL failed to send ClientID with special characters.

  • PDF report creation directed to C:\Program Files\Jenkins_new instead of the working workspace.