Adding OWASP Top 10 2017 to CxSAST version 8.4 and above
Step 1. Import the “OWASP Top 10 2017” Preset
Follow the instructions in our user guide to import the new preset “OWASP Top 10 2017” into CxSAST: Preset Manager (see “Importing a Preset”)
The preset file you need to import: OWASP TOP 10 - 2017.xml
Step 2. Use the “OWASP Top 10 2017” Preset
You can create a new project with the new preset “OWASP Top 10 2017”: Creating and Configuring a CxSAST Project
or change the chosen preset of an existing project to “OWASP Top 10 2017” preset: Viewing Project Details (see “General Properties”)
Step 3. You’re done!
In all future scans, CxSAST will search for OWASP Top 10 2017 vulnerabilities in your project.
Note:
In addition to this new preset, CxSAST version 8.6 will introduce the following enhancements for OWASP Top 10 2017:
New results viewer category, new queries (security rules) which extend our support for the new standard, and an “OWASP Top 10 2017” report format.
For now, when you use the new “OWASP Top 10 2017” preset, reporting will still be based on OWASP Top 10 2013 categories.