
Presets Management

Presets are sets of queries that a user can select to get more accurate SAST scan results. By using presets, the user triages against the main capabilities that the SAST scanner provides.

Preset management is a new way to control standard/predefined presets. It lets users easily create their own presets according to their needs.

Presets are mandatory for the SAST scanner. If no preset is selected for a SAST scan, the scan uses the default preset, ASA Premium.

The concept of presets exists only for the SAST scanner, so other scanners don’t support it.

Presets are ordered alphabetically, and can be viewed or cloned.

There are 2 preset types:

  • Predefined presets

  • Custom presets

Opening Presets Management

To open preset management, perform the following:

  1. Log in to Checkmarx One.

  2. Click on the Scan Management icon > Scan Management

  3. Click on the Presets tab

Presets User Roles

To be able to manage presets in Checkmarx One, the user must have at least one of the following user roles:

  • view-preset - Users can only view presets. If this role is not applied, the user won't be able to see presets.

  • create-preset - Users can only create presets.

  • delete-preset - Users can only delete presets.

  • update-preset - Users can only update existing presets (custom presets).

Presets Columns

Presets columns present the following information:

  • Preset Name

  • Associated Projects - Indicates which presets are assigned to existing projects.

    For additional information see Project Rules

  • Description - Preset description.

Pagination

The presets screen contains an option to change the number of presets that are presented per page.

The default is 10 rows, but it can be changed to 20 / 50 / 100 rows.

To do so, click the Rows option and change the number accordingly.

Predefined Presets

Predefined presets are provided by design within the Checkmarx One presets feature.

Predefined presets can't be deleted, and they are always presented in the table before the custom presets.

The base presets and their descriptions are handled by the Checkmarx SAST team, and all the versions are aligned across all Checkmarx products.

For additional information see Predefined Presets

Custom Presets

Custom presets are presets that are manually created and configured by users.

These presets will be presented in the table after the predefined presets.

A preset can be created using the following methods:

  • Creating a custom preset

  • Cloning a preset

Viewing a Preset

Viewing a preset lets you see and understand which languages and queries make up the preset.

To view a preset perform the following:

  1. Hover over the required preset.

  2. Click on the View option

    A panel opens on the right side of the screen, containing the preset's information.

Note

  • The left column indicates the preset language (ASP, Apex, etc.)

  • The number next to the language indicates how many queries this specific language contains.

  • Clicking a query opens a separate browser tab with information about the query, including: Risk, Cause, General Recommendations, and code examples.

Creating a Custom Preset

To create a custom preset, perform the following:

  1. Click on Add Preset

  2. In the Add Preset dialog, perform the following:

    • Preset Name - Give the preset a name. The preset name must be unique.

    • Description (Optional)

    • Click Next

  3. In the preset configuration dialog, perform the following:

    • Select the relevant languages / queries

      Note

      • It is possible to search for a preset by CWE / Language / Query via the search option.

      • All the predefined presets/queries are available, in addition to the custom presets.

    • Click Save preset

    The preset will be presented in the table after the predefined presets.

Cloning a Preset

The clone feature lets the user create a custom preset without building the entire query set from scratch. The user can simply clone the requested preset and modify it according to their needs.

It is possible to clone both predefined and custom presets.

To clone a preset, perform the following:

  1. Hover over the required preset.

  2. Click on the Clone option

  3. In the Cloning preset dialog, perform the following:

    • Preset Name - Give the preset a name. The preset name must be unique.

    • Description (Optional)

    • Click Save Preset

    The preset will be saved and presented in the presets table after the predefined presets.

Deleting a Preset

Predefined presets can't be deleted. The only presets that can be deleted are custom and cloned presets. They can be deleted only if no projects are associated with the relevant preset.

For additional information see Project Rules

To delete a preset, perform the following:

  1. Hover over the required preset.

  2. Click on the Delete option

  3. In the confirmation screen, click on Delete Preset

Configuring a Preset for Scans

Configuring a preset for scans can be accomplished at 3 levels:

  1. Tenant level - This configuration applies to all the tenant's projects, in addition to all the scans.

    For additional information see ???

  2. Project level - This configuration applies to a specific project, in addition to its scans.

    For additional information see SAST Scanner Parameters

  3. Config as Code - This configuration applies to a single scan.

    For additional information see SAST Scanner Parameters

Preset Usage Verification

To verify which preset was used in the last scan, perform the following:

  1. Click on the More Options icon > Project Settings for a specific project.
  2. Click on Scan History tab

  3. Click on the relevant scan in the table

    A panel opens on the right side of the screen.

  4. Click on Scan Configuration tab

  5. Expand the SAST option

  6. Verify the following:

    • Which preset was used.

    • Which configuration level it was used in.
