Preparing for the Checkmarx Vulnerability Integration
Warning
This integration requires SAST with a Hotfix version 9.4 HF23 or 9.5 HF14 or later.
Checkmarx SAST is an on-premise software that can be installed on a private data center or managed on the cloud. Connectivity between the ServiceNow instance and Checkmarx SAST is needed. A successful Checkmarx SAST Vulnerability Integration requires planning. Prepare for the integration by performing these tasks. The Checkmarx SAST Vulnerability Integration assumes you know the Checkmarx SAST product and API.
The role required: App-Sec Manager group.
Validate your instance sizing based on the number of vulnerable application items you expect to import. An undersized instance can lead to long load times. If you do not know the size of your instance, contact Customer Service and Support. The Checkmarx Vulnerability Integration requires a secure tunnel so the plugin can fetch data from SAST. A Checkmarx SAST user requires permission to read the scan results.
A Checkmarx SAST user requires the following permissions:
Use Odata
Save/Update Project
View Failed Sast Scan
Generate Scan
Report Export
Scan Results
View Results
Manage System Settings
Manage Result Comment
A Checkmarx SCA user requires the following permission:
SCA Scanner