Skip to main content

Integrating the Checkmarx One Vulnerability Integration

Once all the integrations are activated, scheduled tasks invoke the integrations automatically daily and are chained to run in sequence. Each Checkmarx One application vulnerability integration is intended to provide complete data retrieval. Running them out of order requires ServiceNow and Application Vulnerability Response expertise and could result in incomplete data.

If the three integrations are not chained for execution, they will need to be run manually in the specific order of:

  1. Checkmarx One Application List Integration

  2. Checkmarx One Scan Summary Integration

  3. Checkmarx One Application Vulnerable Item Integration

    Note

    Application List Integration does not have an API filter for Start time. Hence, in each run, it will bring any changes to the existing project settings and new projects into ServiceNow.

    Application Vulnerable Item Integration and Scan Summary Integration have an API filter for Start time.

Checkmarx One Application List Integration

  1. Click Integrations.

    CheckmarxOne_Vulnerability.png
  2. Click Checkmarx One Application List Integration.

    CheckmarxOne_Application_List_Integration_Update.png
  3. Click Execute Now, if the run is not scheduled and is On Demand or Integration needs to be performed manually.

    Checkmarx_One_App_List_Integration_ExecuteNow.png

    The Application Vulnerability Integrations screen is displayed.

    Vulnerability_IntegrationRuns.png

    When the plugin shows the State and Substate of Complete and Successful respectively, the plugin has connected to the Checkmarx One instance and pulled in the project list. The first time all the project lists are imported, the plugin will ascertain how many scans there are and pull in the latest scans

Checkmarx One Scan Summary Integration

The steps for integrating the Checkmarx One Scan Summary Integration are similar to the steps above. with one exception, a date can be included.

  1. Click Checkmarx One Scan Summary Integration, as per point 2 above

  2. Click on the calendar icon and select a date and time if Run was not scheduled and is On Demand or the integration needs to be performed manually.

  3. Click Execute Now.

    Application_Vulnerability_Integration_Date_Execute_Now.png
  4. Navigate to the Settings icon to edit the time zone of Start Time.

    SettingsIcon.png
  5. Select the dropdown list to select the Time zone.

    SystemSettings.png

Note

Selected time from Start Time of the integration will be converted to Coordinated Universal Time (UTC) irrespective of the time zone selected and the converted UTC time will be used by Checkmarx One.

Checkmarx One Application Vulnerable Item Integration

The steps for integrating the Checkmarx One Application Vulnerable Item Integration are the same as the steps for the Checkmarx One Scan Summary Integration.