Scan Schedules
We have introduced the capability to create schedules that trigger scans of your Checkmarx One projects based on a specified recurring schedule. In the initial version, the following limitations apply:
Notice
The following limitations apply to the MVP version which will be released in the initial phase. We will soon be adding support for this feature from the web application (UI). We will also be adding more capabilities (e.g., additional scanners) and increasing flexibility (e.g., more scheduling options) in order to make scan schedules even more useful.
Schedules can only be created and managed via REST API
There can only be one project per schedule and one schedule per project (one-to-one)
Current recurrence options are either once a day or weekly, on one or more specific days of the week
Currently, supports triggering the following scanners: sast, sca and kics (IaC Security)
Maximum 1k schedules allowed per tenant account
Scheduled scans may be delayed by up to 15 minutes from the specified time, depending on the pending queue
For detailed API documentation, see here.
Viewing Scheduled Scans
Once a scheduled scan has run, the results are shown in the web application (UI) together with any other scans run on that project. You can identify scans that were initiated by a Scan Schedule based on the following identifying information (shown in the Scan History tab):
Scan Origin is marked as
Scheduler.Initiator is the user who created the schedule.
Tags that were configured in the scan schedule are applied to each of the scans that are initiated by that schedule.