CxOSA Application Settings
This section provides information about the following:
CxOSA Application Setting
Application settings are currently dependent on CxSAST and can be configured as part of the CxSAST applications settings (such as Server and SMTP Settings). For more information about CxOSA-specific settings, refer to the relevant pages in this section.
OSA Settings
Click Settings > Application Settings > select CxOSA Settings. The CxOSA settings screen enables you to set the CxOSA settings for the system.
In order to start working with CxOSA settings, you first need to accept the End User License Agreement (EULA). Click the View EULA button, read and accept the agreement.
Organization Token - Displays the organization token provided by Checkmarx (read-only).The CxOSA settings fields are enabled automatically and include the following settings:
OSA Scan Options:
o Standard Scan – This option analyses open source identifiers (e.g., file name, group Id and Artifact ID) providing better accuracy, but less confidentiality (Default for new installations).
o Restricted Scan – This option analyses open source fingerprints only, providing better security, but less accuracy (Default for upgrades on existing installations).
Correlate CxOSA with CxSAST results
For this version only .NET and Java are supported.
Click Test Connection to perform a health check for connection validation.
This connection validation test checks the following CxOSA components:
Component | Description |
---|---|
Connect to CxProxy | The configured CxOSA cloud URL is reachable. For example: https://service-sca.checkmarx.net |
Connect to Engine | CxOSA was able to perform a cloud REST API call successfully |
Validate Organizational Token | The Organization Token is valid and can be used to scan |
Connect to CxOSA Services | CxOSA was able to connect to the scan services on the server (Scan Manager & Jobs Manager) |
Each tested component will indicate either successful or failed validation/connection.
CxOSA License Details
Click Management > Application Settings > select License Details. The License Details screen enables you to view CxOSA license details for the system. The General panel provides license information for CxSAST and CxOSA.
The General panel includes the following information:
Edition - License type (SDLC or Security Gate)
Expiration Date - License expiry date
LOC - The number of lines of code included in the license (CxSAST only)
HID - Hardware identification number
CxOSA License - CxOSA license status; Enabled, Disabled or Conditional (with expiration date for Conditional version).
Notice
You can copy the hardware ID (HID), for which you will need in order to obtain a license from Checkmarx. You can also obtain your hardware ID by using the shortcut in the Windows/Start > Checkmarx > HID (HardwareId).