Skip to main content

Current Multi-Tenant Version | 3.41

Multi-Tenant release date: July 7, 2025

New Features and Enhancements

Applications Column Added to New Projects Page

The Applications column is now available also for the new projects. This column shows which applications a project is associated with, helping users quickly understand project context without navigating away.

New Authentication for ADO

When setting up a code repository integration with Azure DevOps (ADO), the authentication is now done via Microsoft Entra (in place of OAuth 2.0 which was used previously). The change was made because the previous method is no longer supported by ADO. There is no functional change from the user’s perspective.

Note

Due to a known issue on Microsoft's side (Microsoft Entra), the initial integration attempt following the first consent approval may fail. If this occurs, simply initiate the OAuth flow again. The second attempt should succeed without any issues, and the connection will be established as expected.

New DAST Onboarding | Run Authenticated Scans Without a Config File

Easily start authenticated DAST scans without writing a YAML file. This new flow simplifies onboarding by guiding users through setup and authentication via a user-friendly UI, even when initiated from the CLI.

Webhook Management | Tenant-Level Support

Admins can now manage webhooks at the tenant level, enabling centralized configuration across multiple projects. This reduces manual setup, ensures consistent settings, and streamlines administration for large environments.

New API Methods | PATCH Method for Applications and Projects

The PATCH method is now supported for both Update Applications and Update Projects endpoints, allowing partial updates of specific fields without requiring the full data set.

This improves API efficiency, reduces data transfer, and simplifies workflows by letting users make quick changes - such as adding a tag - without affecting other properties. As a result, updates are faster, more flexible, and require fewer API calls.

Application Risk Management Shown in IDEs

ASPM risk score results are now shown directly in Checkmarx One IDE plugins, aligning the developer experience with the web app. This eliminates the noise of unprioritized findings by allowing developers to focus on high-risk vulnerabilities first.

The integration streamlines remediation, improves efficiency, and promotes adoption by embedding meaningful risk insights directly into the developer workflow.

This feature is currently available only for VS Code. For more information, see documentation.

Container Security

Azure Container Registry (ACR) Integration

You can now integrate ACR private registries with Checkmarx One, enabling the Checkmarx One Containers scanner to scan images in the registry. We provide a convenient wizard for setting up the integration.

For more information, see documentation.

Red Hat Quay Integration

You can now integrate Red Hat Quay private registries with Checkmarx One, enabling the Checkmarx One Containers scanner to scan images in the registry. We provide a convenient wizard for setting up the integration.

For more information, see documentation.

SBOM for Containers Scanner

We now support including data identified by the Containers scanner in SBOM reports. When generating an SBOM for an application, you can now select which scanners to include in the report, SCA and/or Containers. This will increase visibility into all of the open source components used in your application.

To learn more about Checkmarx One SBOM Reports, click here.

SCA

  • Added support for resolving dependencies in .NET 9 projects.

IaC

  • Updated IaC Engine to version 2.1.10.

  • Fixed an issue that caused unstable scan behavior, where results alternated between pass and fail.

  • Resolved an issue that caused scans to fail with an unexpected error.

  • Addressed a specific case where a JSON file caused the scan to fail.

Resolved issues

Ticket number

Description

AST-100960

An error occurred while updating the webhook.

AST-100551

The DAST CLI crashed due to an unexpected error occurring within the BuildErr function in the utilities module.

AST-99634

APISEC | KICS-runner scan took too long due to incorrect filter.

AST-97047

Project conversion failed due to insufficient permissions.

AST-101268

Scan duration was shown as 00:00:00 when run via CLI.

AST-95090

Highlighting for CORS misconfiguration was not displaying.

SCA-23324

Packages wouldn’t open, UI kept loading indefinitely.

SCA-23085

Scans took almost 4 hours to complete.

SCA-22905

SCA Inventory and Risks were not accessible.

AST-101245

SAST-RM memory leak.

AST-99270

Query Editor was not showing results.

AST-98445

Triage imported from CxSAST was not shared with other projects within the same application.

AST-98413

Project tags always appeared as "..." (collapsed).

AST-91216

Meta-results-processor encountered an error while processing engine ETL results.

AST-100506

In the new IAM UI, the Mapper Name field cleared every time the Mapper Type field was changed.

AST-99907

The Checkmarx service access option was not showing in IAM General Settings.