Resolve integrates with Checkmarx to import vulnerability data from static code analysis scanning.
Resolve periodically queries Checkmarx for new application scan files. If a new file is detected, Resolve creates a project within the specified business unit. Findings are imported from the file and a new asset is created for the application.
Configure connection, authentication, and other settings for a Checkmarx integration.
Before you begin: Make sure you have the Resolve ID of the business unit to use for project creation. For more information, see Retrieve Resolve IDs.
- From the top menu, select .
- Click the Checkmarx card.
- At the top right, click Install.
- Enter the following information:
- Name of the Checkmarx instance
- Server address
- User name
- Client secret
- Resolve ID of the business unit to use for project creation
- FrequencyNote: The frequency must be a cron expression. For example, enter
0 * * * *to run integration actions hourly.
- Click Next or expand the Action Configuration area.
- Enable Fetch Scan.
- At the top right of the page, click Save.