Checkmarx SAST System Architecture Overview
The Checkmarx SAST system consists of the following components:
Client
SAST supports the following clients (user interfaces):
Web Portal - provides an intuitive web interface to create, manage and analyze code scan projects in SAST.
Audit Guide - provides the capability to create or customize analysis queries for use in SAST.
API Guide - provides the capability for developers to create unique client implementations using the available APIs.
CLI - provides a command line interface for the SAST functionality and CI scenarios.
IDE Plugins - provide scanning and integrated scan result navigation directly from the IDE development environment.
CI/CD Plugins - provide integration to SAST-compatible plugins (for example, Jenkins) for CI/CD scenarios.
Server
SAST includes the following server components:
WS (IIS Web Service) - controls Manager actions (i.e., initiating scans, viewing results, and generating reports). Access Control manages roles and users.
Manager - manages and integrates system components, and performs all system functions utilizing the IIS Web and Result services.
ActiveMQ - manages messaging queues.
Engine - performs the code scans.
Database - stores scan results and system settings.
File System - controls how the data is stored and retrieved.
Architecture Types
SAST supports the following:
Centralized Architecture - all server components are installed on the same host.
Distributed Architecture - some or all of the server components are installed on dedicated hosts.
High Availability Architecture - more than one Manager is available to control system management, so that when one Manager fails, the system remains fully operational.
Communication between the Client and the Manager, and between the Manager and the Engine, uses HTTP by default but can be configured to use HTTPS instead. With the default HTTP setting, this traffic is not encrypted in transit.
Notice
Starting with SAST v9.4.0, M&O is no longer available for new installations. For information about M&O in earlier versions, refer to Management and Orchestration.