Skip to main content

Scan Reports

The scan report provides comprehensive information on scans that have been run in Checkmarx One. The report provides an overview of the security of a project and includes specific vulnerabilities. Reports can be generated in PDF and JSON for SCA and IaC Security and in PDF, JSON, and CSV for SAST.


PDF reports have a limitation of 100 results per PDF. To generate a comprehensive report, it is recommended to utilize the CSV format, which does not impose any restrictions on the number of results.

To Create a Scan Report:

  1. Click on the project. The side panel slides in with the project information.

  2. Click Go to Project.

  3. Click Scan History in the menu.

  4. Select the three dots icon at the end of the row of the scan.

  5. Click Generate report.

  6. Select the SAST, SCA, or IaC Security engines to be generated from the Generate Report screen. Selecting Engines will check all engines. Click Next to continue.


    Selecting only the SAST engine option will skip the "Select Sections" step and generate a report only for the SAST engine. This report contains only KPIs related to the SAST scan and can be published in JSON or PDF format. The CSV format is also available only for SAST and includes only information about the list of results flagged by the scan.

    Adding and including other engine scans will allow you to select sections in the second step and will generate a previous type of scan report in the third step.


    Exporting in PDF and JSON formats is available for all engines.

    To Export a PDF or JSON file:
    1. Select the required sections to create a PDF or JSON file.

    2. Click Next.

    3. Select PDF or JSON.

    To Export a CSV file for SAST:
    1. Select only SAST.

    2. Click Next.

    3. Select CSV from the dropdown list.

  7. Check Send Report to email to send the report as an email.

    Emails can be sent to single, or multiple recipients. For multiple emails use a semi-colon to separate the addresses. The maximum number of recipients is 10. Any recipients added over 10 will show an error message that only 10 emails are allowed in a bulk email.

  8. Click Generate Report to download the report in the selected format.