Generating SCA Reports
You can export reports of the data identified by Checkmarx SCA scans. This includes detailed info about the open source packages in your project and the risks associated with them. There are two types of reports:
Scan Report - shows an overview of the security of your project as well as specific vulnerabilities, legal risks, and outdated versions identified by the scan.
Software Bill of Materials (SBOM) - shows detailed info about each of the open source packages used by your program and the associated risks, using CycloneDX v1.3 format.