The Query List
The Query tab contains a list of all programming languages used in the query, and under each language, a navigation tree of all associated queries.
The tree structure is as follows:
Cx - Built-in queries provided by Checkmarx, for the current code language, grouped by type and severity. Most building-block queries are in the first General group.
Corp - Customized queries available to all CxAudit users. If they are defined as Executable (in query properties), they are also run in regular CxSAST scans. Corp queries include:
CxDefaultQuery - An ad-hoc query for ad-hoc analysis or experimentation. This query can be run only manually in CxAudit, but is not executable in regular scans.
General queries - Customized versions of building-block queries from Cx > General. The Corp version overrides the Cx version.
Custom queries - Groups and queries created in CxAudit. A query with the same name as a Cx query, in a group with the same name as the Cx query's group, overrides the Cx query.
Per-Team or Per-Company folder(s) - These do not exist by default; you can create them when refining a query. Queries in these folders apply to all projects available to the relevant team or company.
Project - Customized queries that apply only to the current project.
Groups and queries marked with an asterisk (*) have changes and are not saved to the server.