Version 3.34 | March 23, 2025
New features and enhancements
Enhanced Triaging for Secret Detection and Repo Health
GA: March 30
The new triaging capabilities in the Repository Healthand Secret Detectiontabs provide a structured way to manage and prioritize findings. Users can now categorize findings by severity and state, add mandatory comments, and track all actions through a history log.
This ensures a more efficient workflow, allowing security teams to quickly address critical issues while maintaining transparency and accountability. The feature also improves clarity by clearly indicating non-exploitable risks in the UI, helping teams focus on actionable threats.
Feedback App Alerts for SCA Vulnerabilities
GA: March 30
You can now configure Feedback Apps to send automatic Alerts to Slack, Teams or Email when a new SCA vulnerability is detected in a package that is used in your projects.
API for Unlimited Filtering of Scans
GA: March 23
We have added a new API,
POST /scans/byfilters. This enables retrieving detailed information about scans, similar to
GET /scans. However, the new API does not have a limit on the number of characters used in filter submission.
External API for Analytics Database
GA: March 23
The new external API endpoints provide access to the Checkmarx One Analytics database, enabling customers to integrate their preferred Business Intelligence tools for customizable data analysis and reporting. This API also offers a unified access method for internal Checkmarx One services to consume analytics data.
By replacing multiple real-time data retrieval processes with a single, robust API, it streamlines data access, reduces integration complexity, and minimizes potential points of failure.
For more information, see documentation.
Cloud Insights: Enhancements in Public Exposure Data Logic for Replicated Images
GA: March 23
This release introduces enhancements to the Cloud Insights logic for determining the exposure status of replicated images.
Left-Side Menu Updates
In the Checkmarx One left-side menu, Insightshas been replaced with ASPM, and Analytics, Risk Management, and Cloud Insightshave been grouped under this menu.
SCA Updates
SCA Resolver Version 2.12.11 (Mar 18, 2025)
For Nuget, fixed resolution for projects that include private packages.
Download the new version here.
IAM Updates
Keycloak Upgrade
Keycloak was upgraded to version 26.1.
Resolved issues
Ticket number | Description |
|---|---|
AST-81066 | Automatic filter reset when viewing vulnerabilities in DAST results. |
AST-72972 | The ID columns in the “ast_meta_scan_results” and “ast_meta_results” tables for single-tenant deployments were incorrectly set to INT type. |
AST-73941 | Updating scan results triggered a 502 Bad Gateway error. |
AST-74875 | A scan was stuck in the Running state. |
AST-76119 | SAST encountered an error when processing engine ETL results, with the message (pq: deadlock detected). |
AST-66143 | Deleted groups still appeared on the Projects page. |
AST-80423 | Wrong behavior on the Applications page for users that have if-in-group permissions. |
AST-82542 | The
|
AST-77615 | An exception occurred during the Policy Manager SCA Engine validation step. |
AST-84342 | SAST Migration: services crashed due to a Redis error. |
AST-84428 | Mismatched vulnerabilities count between the Applications view page and the count inside a specific application. |
AST-84443 | The Resultspages for both SAST and SCA were not opening from the application page on the primary branch. |
AST-85596 | An issue with the Container Security toggle in the Code Repository Integration projects. |
SCA-21272 | CycloneDx SBOM: Package hashes were always empty. |
SCA-21576 | Direct dependencies were marked as "snoozed" even though they broke the Policy check. |
SCA-21861 | The "Identified in Package" filter was not working correctly. |
SCA-22002 | An error occurred when generating SBOM in SPDX format. |
AST-80695 | The OAuth Client UI regenerated the secret when pressing Enter in any field. |