- Checkmarx Documentation
- Checkmarx One
- Checkmarx One Integrations
- Migrating from SAST to Checkmarx One
- SAST Migration Limitations
SAST Migration Limitations
The below list presents the SAST to Checkmarx One migration limitations:
Notice
The migration flow is partially manual, some data can be migrated using the export/import tool and some data and integrations will require manual work.
Limitation | Comments |
|---|---|
General | |
ast-admin and iam-admin permissions are required to execute the export / import procedures | |
CLI export tool is supported only on Windows | |
It is possible to export an existing SAST v9.3 (and up) environment | |
Projects / Scans / Results | |
Scan results are not migrated | Only results with triage are migrated Custom states are migrated and the associated permissions are created in Checkmarx One. Migrated triage maintains custom states applied to specific vulnerabilities. The following limitations apply:
|
Results older then the configurable amount of days parameter to migrate won’t be migrated | If no value is used for the parameter, the default value is 180 days |
Only one branch will be exported | |
Sources won’t be migrated | |
The ability to review findings in Code Viewer will be available only after the first real full scan via Checkmarx One | |
First scan results in Checkmarx One might be different than the latest scan in SAST due to difference in SAST scanner version | |
Users / Groups / Roles and permissions | |
Groups from SAST are not migrated to Checkmarx One |
|