Skip to main content

Multi-Tenant Releases (November 2022)

New features and improvements

Status

Description

Version 2.72.2 (Released on November 27, 2022)

NEW

Search options for Bitbucket now include the search by branch name.

NEW

Enhanced the user list details in Checkmarx One to include the relevant user information, such as Status, Authentication provider, and Creation date.

NEW

The ASP scan report has been Improved and aligned to be similar to SAST.

NEW

Added the capability to filter KICS results in the Checkmarx One API.

NEW

The link to the Feedback Profiles documentation has been added to the platform.

NEW

The link to the Import Project documentation has been corrected.

Version 2.71.1 (Released on November 20, 2022)

NEW

Starting with this version, Checkmarx One users can select presets, that is predefined sets of queries when creating, configuring or branching projects. Checkmarx provides out of the box presets and allows configuring custom presets.

To create and manage presets use the Scan Management page.

NEW

The logic of displaying scan results in CLI has been adjusted to show the results for enabled engines only.

NEW

The branch filter is now taken in consideration when updating GitHub Issues.

Version 2.70 (Released on November 6, 2022)

NEW

The SAST migration process now supports the import of presets and custom queries.

NEW

Starting with this release, users are not required to provide the tenant name and server URI when doing authentication. Checkmarx One extracts this data automatically from the API key.

Resolved issues

Status

Description

Version 2.74.2 (Released on December 11, 2022)

FIXED

Fixed an issue that caused a scan to get stuck in the middle.

FIXED

When the project level override is set to base, the tenant level query is applied.

FIXED

The branch filter is now taken in consideration when updating Azure Issues.

CLI and Plugins Release of November 2022

New CLI Versions

Version 2.0.36

Status

Item

Description

NEW

API scanner support

The API Security scanner is now supported for use via the CLI. When running the scan create command, you can now add api_security to the list of scanners under --scan-types.

UPDATED

KICS renamed to IaC

The KICS scanner is now referred to in Checkmarx One as "IaC Security". All mentions of the scanner and the vulnerabilities identified by it, now refer to IaC Security.

UPDATED

SCA results filters

Scan results now differentiate between regular SCA vulnerabilities and Supply Chain Security (SCS) risks. In addition, a distinction is now made between direct dependencies and transitive dependencies.

Version 2.0.35

Status

Item

Description

NEW

Contributor count

Added support for Bitbucket Server for the contributor-count command, see bitbucket-server.

NEW

Supply chain securtity (SCS)

Added support for identifying "supply chain" vulnerabilities.

Version 2.0.34

General improvements and bug fixes

Version 2.0.33

Improvements and Bug Fixes

Status

Item

Description

UPDATED

Polling status

Improved methods for polling status and retrying scans.

CI/CD Plugins

In October we released the following CI/CD plugin versions.

Improvements and Bug Fixes

Status

Item

Platform

Description

NEW

API Key

GitHub Actions, TeamCity, Jenkins, (already supported for Azure DevOps)

Added the option to authenticate with Checkmarx One using an API Key instead of using an Oauth2 Client.

Tip

When you authenticate using an API Key, there is no need to submit your account info (Base URL, Auth URL, Tenant name).

Learn how to generate an API Key hereGenerating an API Key

NEW

Step output

GitHub Actions

The scan ID is now given as an output of the step, so that it can be used to obtain data from the scan for use in subsequent steps.

UPDATED

Report build fail

TeamCity, Jenkins

A report is now generated when a build fails because of a threshold set in the Checkmarx One plugin.

IDE Plugins

In October we released the following IDE plugin versions:

  • VS Code Extension - 2.0.12 (uses CLI 2.0.34)

  • JetBrains Plugin - 2.06 (uses CLI 2.0.34)

  • Eclipse Plugin - 2.0.5 (uses CLI 2.0.34)

Improvements and Bug Fixes

Status

Item

Platform

Description

UPDATED

Rename tab

VS Code, JetBrains, Eclipse

The "Code samples" tab was renamed "Remediation Examples".