Skip to main content

Checkmarx SCA Release Notes June 2024

Notice

These release notes relate to the SCA standalone product. Users who consume SCA through Checkmarx One should refer to the Checkmarx One release notes to see which SCA features have been released in Checkmarx One.

Warning

The IgnoreVulnerability and UnignoreVulnerability APIs, which had been used for triaging SCA vulnerabilities, will be deprecated soon. They have been replaced by the new Management of Risk API, which supports applying any Checkmarx One state and adding comments. We recommend migrating to the new API soon.

Remediation Icon

When a remediated version of a package exists, we now show a remediation icon remediate.png next to the package in the Packages tab of the scan results. Clicking on this icon takes you to that item in the Remediation Tasks tab.

Notice

This feature is only available for direct dependencies.

Improved Remediation Tasks

We have cut out the “noise” in this section by showing recommendations for replacing transitive packages only if the current package has vulnerabilities. For outdated packages without vulnerabilities, we no longer show remediation suggestions.

Global Inventory & Risks - Data Enrichment

We have enriched the Global Inventory and Risks page to include all relevant data from the SCA scan results page. We have added the following items in the Packages and Risks tabs respecitvely:

Packages Tab

  • Show only Effective licenses

  • Added Scan Date

Risks Tab

  • Added severity Score

  • Added risk State

  • Added Exploitability indicators

  • Added Category (CWE)

  • Made Package Name and Package Version into separate items

  • Added Detection Date

In addition we have improved filter and search capabilities.