Single-Tenant (December 2022)

Where's the "New Project" Button?

We have restructured the procedures for creating new projects and applications in Checkmarx One. In order to streamline the process and make the selections more intuitive, we have united all actions under a single "call to action" button that appears on both the Projects and Applications tabs.

Click the button to open the menu for creating projects and applications.

Figure 1. Mapping selections from old format to new format



The following is a brief explanation of the new selection options.

  • New Project - Code Repository Integration - Create a new project that imports a code repository from your SCM and creates a persistent integration, enabling you to trigger scans based on SCM activity. (Used to be called "Import Project".)

  • New Project - Manual Scan - Create a project that enables you to manually initiate scans of source code by uploading a zip archive or accessing a code repository. (Used to be called "Checkmarx Project".)

  • New Application - Create a new application, which is used for organizing projects.

Notice

The wizards that open for creating each of these entities haven't changed, so from here on in you will be in familiar territory!

Where's the "Scan" Button?

We no longer show a Scan button at the top of the Applications and Projects screen. Instead, you can initiate a scan by clicking the Scan button in the row of the project that you would like to scan.

Also, there is no longer an option to launch an Incremental Scan directly from the context menu at the end of a project row. Instead, you need to launch a regular scan and select the checkbox next to Incremental Scan.

New features and improvements

Version 2.72.4 (Released on December 11, 2022)

Status | Description
NEW | Config as Code now allows controlling every preset and every attribute included in the config.yml file.
NEW | Enhanced the user list details in Checkmarx One to include the relevant user information, such as Status, Authentication provider, and Creation date.
NEW | The ASP scan report has been improved and aligned to be similar to SAST.
NEW | Added the capability to filter KICS results in the Checkmarx One API.
NEW | The link to the Feedback Profiles documentation has been added to the platform.
NEW | The link to the Import Project documentation has been corrected.

CLI and Plugins Release of December 2022

Version 2.0.37

Status | Item | Description
UPDATED | API Security results | Improved handling of API Security results.

CI/CD Plugins

In December we released the following CI/CD plugin versions.

  • Azure DevOps Plugin - 2.0.18 (uses CLI 2.0.37)

  • GitHub Actions Plugin - 2.0.13 (uses CLI 2.0.37)

  • TeamCity Plugin - 2.0.15 (uses CLI 2.0.37)

Improvements and Bug Fixes

Status | Item | Platform | Description
NEW | API Security | Azure DevOps, GitHub Actions, TeamCity | The API Security scanner is now supported for use via the CLI. When running the scan create command, you can now add api_security to the list of scanners under --scan-types.
UPDATED | IaC Security | Azure DevOps, GitHub Actions, TeamCity | The KICS scanner is now referred to in Checkmarx One as "IaC Security". All mentions of the scanner and the vulnerabilities identified by it now refer to IaC Security.

IDE Plugins

In December we released the following IDE plugin versions:

  • VS Code Extension - 2.0.13 (uses CLI 2.0.37)

Improvements and Bug Fixes

Status | Item | Platform | Description
UPDATED | IaC Security | VS Code | The KICS scanner is now referred to in Checkmarx One as "IaC Security". All mentions of the scanner and the vulnerabilities identified by it now refer to IaC Security.
UPDATED | SCS results | VS Code | Scan results now differentiate between regular SCA vulnerabilities and Supply Chain Security (SCS) risks.
UPDATED | Filters | VS Code | We added a new grouping category. For SCA vulnerabilities you can now differentiate between Direct Dependencies and Transitive Dependencies in the results tree.