- Checkmarx Documentation
- SAST/SCA Integrations
- Other Integrations
- Codebashing Integration with SAST
- Integrating Codebashing with SAST to Enable Generating Courses according to Detected Vulnerabilities
- Creating and Applying a Codebashing Course Generator
Creating and Applying a Codebashing Course Generator
For generating custom Codebashing courses, you must create a Codebashing course generator that you have to apply then to each relevant SAST project. Once applied, a course is generated for the respective project once a SAST scan is complete.
Log in to the SAST Web Portal.
Navigate to the Pre & Post Scan Actions page. To do so, go to Settings > Scan Settings > Pre & Post Scan Actions.
On the Pre & Post Scan Action page, click + Create New Action. The Create Action window is displayed.
In the Create Action window, configure the following parameters:
Action Type - select Post Scan Action.
Name - enter the name for your postscan action, for example Codebashing Course Generator.
Command - select the Codebashing Course Generator batch file VulnerabilitiesCustomCourse.bat from the dropdown list.
Arguments - select Scan results XML from the dropdown list.
Click <Create >. The custom Codebashing course generator post scan action can now be applied to any project that you choose.
Notice
This procedure must be repeated for every project for which you want to generate a custom Codebashing course.
Go to the Projects page and select the project for which you want to generate a custom Codebashing course.
Select the Advanced tab.
Click <Edit >.
Under Run post scan action, select the <name_of_Codebashing_course_generator>: VulnerabilitiesCustomCourse.bat [XML_output] post scan action from the drop-down list.
Click <Update >.
Once the scan has finished successfully, a custom Codebashing course is generated for the project and the following two files are saved in the Checkmarx\Executables\ folder:
post_scan_action.log
post_scan_action-python.log