Resolve integrates with Checkmarx to import vulnerability data from static code analysis scanning.

Resolve periodically queries Checkmarx for new application scan files. If a new file is detected, Resolve creates a project within the specified business unit. Findings are imported from the file and a new asset is created for the application.

Configure connection, authentication, and other settings for a Checkmarx integration.

Before you begin: Make sure you have the Resolve ID of the business unit to use for project creation. For more information, see Retrieve Resolve IDs.

  1. From the top menu, select Administration > Integrations.
  2. Click the Checkmarx card.
  3. At the top right, click Install.
  4. Enter the following information:
    • Name of the Checkmarx instance
    • Server address
    • User name
    • Password
    • Client secret
    • Resolve ID of the business unit to use for project creation
    • Frequency
      Note: The frequency must be a cron expression. For example, enter 0 * * * * to run integration actions hourly.
  5. Click Next or expand the Action Configuration area.
  6. Enable Fetch Scan.
  7. At the top right of the page, click Save.