Checkmarx One Eclipse Plugin
Checkmarx continues to spearhead the shift-left approach to AppSec by bringing our powerful AppSec tools into your IDE. This empowers developers to identify vulnerabilities and remediate them as they code. The Checkmarx Eclipse plugin integrates seamlessly into your IDE, enabling you to access the full functionality of your Checkmarx One account (SAST, SCA, IaC Security) directly from your IDE.
You can run new scans, or import results from scans run in your Checkmarx One account. Checkmarx provides detailed info about each vulnerability, including remediation recommendations and examples of effective remediation. The plugin enables you to navigate from a vulnerability to the relevant source code, so that you can easily zero in on the problematic code and start working on remediation.
Key Features
Access the full power of Checkmarx One (SAST, SCA, and IaC Security) directly from your IDE
Run a new scan from your IDE even before committing the code, or import scan results from your Checkmarx One account
Provides actionable results, including remediation recommendations. Navigate from the results panel directly to the highlighted vulnerable code in the editor and get right down to work on the remediation.
Group and filter results
Triage results (by adjusting the severity and state and adding comments) directly from the Visual Studio console (currently supported for SAST and IaC Security)
Links to Codebashing lessons
Prerequisites
An Eclipse installation, version 2019-03 (4.11) or above.
Notice
Supported platforms: Windows, Mac, Linux/GTK
You have an API key for your Checkmarx One account. To create an API key, see Generating an API Key.
Notice
In order to use this integration for running an end-to-end flow of scanning a project and viewing results, the API Key must have at a minimum the out-of-the-box composite role ast-scanner as well as the IAM role default-roles.