Version 3.10
Multi-Tenant release date: April 1, 2024
New features and enhancements
Improved Scan Report
An improved scan report, including new and enhanced KPIs for the SAST, IaC and SCA scanners, is now available.
To generate the improved report in the UI, enable the Generate improved scan report toggle in the Generate Report wizard.
To trigger the report from the API, set the reportName parameter to improved-scan-report.
SAST enhancements
The SAST engine in Checkmarx One has been updated to version 9.6.4.
IaC enhancements
IaC v1.7.13 has been released with the following new features:
- Parallel scanning
- CWE information added to the common and dockerfile queries
- New queries:
  - Cloudformation
    - DynamoDB Table Not Encrypted
    - ECS Cluster with Container Insights Disabled
    - API Gateway Access Logging Disabled
  - Docker compose
    - Shared Volumes Between Containers
  - Crossplane
    - ECS Cluster with Container Insights Disabled
  - Pulumi
    - ECS Cluster with Container Insights Disabled
  - NifCloud
    - Computing Has Public Ingress Security Group Rule
    - Computing Undefined Security Group To Instance
    - Computing Undefined Description To Security Group
    - RDB Has Backup Retention Less Than 2 Day
    - RDB Has Public DB Access
    - RDB Has Common Private Network
    - RDB Undefined Description To DB Security Group
    - Nifcloud RDB Has Public DB Ingress Security Group Rule
    - DNS Has Verified Record
    - ELB Has Common Private Network
    - ELB Listener Use HTTP Protocol
    - ELB Use HTTP Protocol
    - LB Listener Use HTTP Port
    - LB Use HTTP Port
    - LB Use Insecure TLS Policy ID
    - LB Use Insecure TLS Policy Name
    - NAS Has Common Private Network
    - NAS Undefined Description To NAS Security Group
    - NAS Has Public Ingress NAS Security Group Rule
    - Router Has Common Private Network
    - Router Undefined Security Group To Router
    - Vpn Gateway Undefined Security Group To Vpn Gateway
Resolved issues
Feedback app errors with Jira get priority REST API.
Decorating pull request for plugin azure failed with exception.
SSH scan failing because it is not detecting Tenant key.
500 Internal Server Error when trying to open risk in scan results.
Policy management did not allow policies with empty rules on evaluation.
Analytics - data from vulnerabilities was slow to appear.
Scan hangs when using config as code (/.checkmarx/config.yml).
Failed to install Checkmarx One Eclipse plugin version 2.0.8 on IDE version 12-2023.
Jenkins release documentation has incorrect version.
Eclipse plugin update incorrect vulnerability.
Language Mode is not behaving according to its supposed default value, multi.
The API Audit Trail brings an incorrect URL.
Download reports screen is saying that we don't have permissions to download project report.
Screen of a Supply Chain is grayed out like it was ignored.
All packages show "Unspecified License" in Global Inventory and Risks page.
Checkmarx One MT: Unable to download any SBOM report.
Deleting a query works but throws the HTTP error 502.
Fixed an issue that prevented the IaC Security Query Editor from giving proper feedback to the user when trying to save or run an invalid Rego query.
Customer JS scan is not working well.
Scan failed due to maximum message size between KICS-runner and repository store.
SCA Resolver Version 2.7.2 (Apr 18, 2024)
Added support for extracting .gz archives that contain a .tar folder using the --extract-archives flag.
CLI and Plugins Release of April 2024
CLI Version 2.0.75
Status | Item | Description |
---|---|---|
FIXED | Log command | Fixed issue that was causing errors for log command. |
CLI Version 2.0.74
(There were no updates in version 2.0.73)
Status | Item | Description |
---|---|---|
UPDATED | Improved PDF report format | Improved the content and graphic presentation of the PDF scan report (generated using |
CLI Version 2.0.72
Status | Item | Description |
---|---|---|
NEW | Fast scan mode | Added a new flag, |
FIXED | About this vulnerability | Fixed issue with "About this vulnerability" links |
FIXED | Log generation | Fixed problem generating logs using the |
FIXED | Package managers | Added missing package managers for |
FIXED | Azure DevOps | Fixed issue that contributor-count was failing for Azure DevOps when a repo was disabled. |
CLI Version 2.0.71
Status | Item | Description |
---|---|---|
NEW | Application name | Added a new flag Tip: This is only effective when creating a new project and assigning it to an existing application. |
NEW | Included files | Added |
CLI Version 2.0.70
Status | Item | Description |
---|---|---|
UPDATED | General | General improvements and bug fixes. |
CI/CD Plugins
In April we released the following CI/CD plugin versions.
Azure DevOps - 2.0.32 (uses CLI v2.0.72)
GitHub Actions Plugin - 2.0.25 (uses CLI v2.0.74)
Jenkins Plugin - 2.0.12-568.v9c19049fe239 (uses CLI v2.0.72)
Improvements and Bug Fixes
Status | Item | Platform | Description |
---|---|---|---|
NEW | Fast scan mode | Azure DevOps, GitHub Actions, Jenkins | Added a new flag, |
NEW | Application name | Azure DevOps, GitHub Actions, Jenkins | Added a new flag Notice: This is only effective when creating a new project and assigning it to an existing application. |
NEW | Included files | Azure DevOps, GitHub Actions, Jenkins | Added |
NEW | Policy violations | GitHub Actions | Added policy violations to PR/MR decorations. |
UPDATED | Improved PDF report | GitHub Actions | Improved the content and graphic presentation of the PDF scan report generated using |
Plugin | Marketplace | Code Repository | Documentation | Changelog |
---|---|---|---|---|
Azure DevOps | https://marketplace.visualstudio.com/items?itemName=checkmarx.checkmarx-ast-azure-plugin | | | |
GitHub Action | https://github.com/marketplace/actions/checkmarx-ast-github-action | | | |
TeamCity | https://github.com/CheckmarxDev/checkmarx-ast-teamcity-plugin | | | |
Jenkins | | | | |
IDE Plugins
In April we released the following IDE plugin version:
Improvements and Bug Fixes
Status | Item | Platform | Description |
---|---|---|---|
UPDATED | AI Security Champion | VS Code | Changed the name of the AI Guided Remediation feature to AI Security Champion. |
UPDATED | Codebashing links | VS Code | Moved the Codebashing links into the Description tab. |
UPDATED | Scan date display | VS Code | Improved display of scan date in the Checkmarx One Results panel. |
FIXED | Install | Eclipse | Fixed problem installing the plugin on newer versions of Eclipse. |
FIXED | Vulnerability state | Eclipse | Fixed issue that changes made to vulnerability state weren't being shown on the correct vulnerabilities. |
FIXED | Failing installation | Eclipse | Fixed issue that installation was failing on some versions of Eclipse because of incompatible dependencies. |
FIXED | Failing installation | Eclipse | Fixed issue that installation was failing on some versions of Eclipse running on macOS because of incompatible dependencies. |
FIXED | Vulnerability descriptions | VS Code | Fixed issue that vulnerability descriptions weren't being shown for results from container scans. |
FIXED | Problem fix | VS Code | Fixed a problem that was introduced in the previous release. |
FIXED | Remediated vulnerabilities | VS Code | Remediated vulnerabilities that we identified in our project. |
FIXED | CLI version | VS Code | Uses new CLI version in which vulnerabilities affecting that project have been remediated. |
FIXED | AI Security Champion | VS Code | In the AI Security Champion tab, we improved the formatting of the response, and fixed the description of the "Confidence" score to accurately explain the likelihood of the vulnerability being exploited. |