Version 3.21 (Early Access)

The Filter by Vulnerability Name feature in the Analytics module allows users to search for specific vulnerabilities detected in all projects within the Checkmarx One platform. Users can filter results based on vulnerability names, providing a comprehensive view of affected projects.

The Top Open and Oldest Vulnerabilities KPIs metric has been enhanced by integrating Software Composition Analysis (SCA) and Infrastructure as Code (IaC) findings into the existing SAST data. This integration offers a comprehensive view of the vulnerability resolution lifecycle across these scanners, enabling better tracking and management of remediation efforts.

The Incremental Scans KPI chart has been removed from the Scans dashboard, both in the Overtime and Total views. The new layout enhances clarity and usability by reordering elements and adding detailed information.

You can now delete multiple self-hosted repositories from the Account Settings, either in the table view or within a configuration. If repositories are connected to a configuration, the delete option will be disabled, showing an information icon. Clicking the icon displays a list of projects associated with that configuration.

The Scan Results Overview pie chart now includes results for SCS. Additionally, a new section titled "Supply Chain Security Vulnerabilities" has been introduced. This section displays a bar for each mini engine, such as "Secret Detection Severities" and "Scorecard Severities," categorized by severity levels.

Users can now export data from the vulnerabilities table to a CSV file. The CSV will include all currently displayed columns in the table, along with a direct link to the results in the platform for each vulnerability.

We now offer recommendations for remediating the package versions as part of the SCA scan report. When you generate an SCA scan report either via the UI or via API there are two new fields:

These fields were added to reports in format json, xml or csv (but not for pdf).