Preparing for the Checkmarx Vulnerability Integration

Checkmarx SAST is an on-premise software that can be installed on a private data center or managed on the cloud. Connectivity between the ServiceNow instance and Checkmarx SAST is needed. A successful Checkmarx SAST Vulnerability Integration requires planning. Prepare for the integration by performing these tasks. The Checkmarx SAST Vulnerability Integration assumes you know the Checkmarx SAST product and API.

The role required: App-Sec Manager group.

Validate your instance sizing based on the number of vulnerable application items you expect to import. An undersized instance can lead to long load times. If you do not know the size of your instance, contact Customer Service and Support. The Checkmarx Vulnerability Integration requires a secure tunnel so the plugin can fetch data from SAST. A Checkmarx SAST user requires permission to read the scan results.

A Checkmarx SAST user requires the following permissions:

A Checkmarx SCA user requires the following permission: