Skip to main content

CxPS Release Internal Note (v2.6.1)



  • This is an internal page for Checkmarx only, and should not be shared with customers, prospects, or partners.

  • Updates in this version are not final and therefore subject to change.

The following release updates are available for CxIAST version 2.6.1. Use the search tool to find a specific subject.

New Features and Changes

CxIAST version 2.6.1 includes the following new features and changes:



Change to Documentation

Additional Information

Setup & Configuration

Version upgrade:

If you have version 2.5 installed, it is required to clean the DB and uninstall the version before upgrading to v2.6.1 installation.

  • Eclipse Vert.x for Java - version 3.1 and above

Server Host Requirements

  • WebLogic Server - version 12cR2 and above

Server Host Requirements

  • Supports domain user access to MSSQL Server

Installing the CxIAST Management Server

Installation & User Management

  • Role-based Access Control: Roles control what actions a user is allowed to do, ranging from limited reviewing permissions (CxIAST reviewer) to full control (CxIAST admin)

  • Users: Import new LDAP users from LDAP directory, add roles & teams to users, edit user details, reset existing user password

  • Teams: Map groups to the LDAP directory, structure hierarchy of teams, assign users to teams, add/delete/rename teams

  • Settings: Configure LDAP Server settings & Directory settings, performing LDAP synchronization

SSO over LDAP capability:

  • Authenticates CxIAST users against the LDAP server

  • Synchronizes users and groups with the LDAP server

Active Directory - LDAP SSO Configuration

Accessing the CxAC Web Interface

LDAP Settings - Directory Settings


  • Allows assignment of vulnerabilities to CxIAST users

Assign a Vulnerability to a User

  • Improved vulnerability presentation for several vulnerability types:

    • Click_Jacking

    • Missing_X_Content_Type_Options_Header

    • Missing_X_XSS_Protection_Header

    • Insecure_Outgoing_Communication

    • Outgoing_Connection_Discovery

    • Application_Entry_Point

Viewing Scan Results > Special Vulnerabilities

System Management

Query Editor with UX improvement (such as programming language selection) and IDE-like capabilities

Query Editor


Time-based license enforcement with the ability to be extended, if needed

Node.js (closed beta)

Version highlights:

  • Supported versions: Node.js 6 and above

  • Supporting all Web frameworks

  • Ecmasript6 and below

  • Supported DB: MongoDB, MySQL, PostgreSQL

CxIAST User Guide (.pdf)


Known Limitations



Setup & Configuration

When JAVA_HOME is set incorrectly, some components and services cannot be installed/run correctly.

To solve this, remove JAVA_HOME or re-configure it correctly (will be fixed in 2.6.1).

If the installer fails in the middle you can observe the inner logs in the TEMP folder. In Windows → type:

%temp% and look for the last i4j_log*.log file

If you run CxIAST services (CxIAST_Manger & CxAccessControl) under a user domain account and the account's password is changed, the services should be logged on again with the new password -

otherwise the services won't start.

Access Control (CxAC)

CxAccessControl doesn’t support .NET Core SDK 2.1. Only .NET Core SDK 2.0 is supported at the moment (will be fixed in 2.6.1).

Query Editor

Custom queries created on the previous version should be fixed, as the syntax was slightly changed:

  • FindOnTraces should be removed

  • Click on Validate to see if the syntax is correct

Supported Environments

The following environments have been tested with CxIAST version 2.6.1

Operating System


10 (or higher)

Windows Server

2012 (or higher)


Any official Linux distribution (excl. macOS)

SQL Server



* SQL express is supported, but as it is targeted for small-scale installations it is not recommended to be used.

Application Server

Apache Tomcat

7 (or higher)


8 (or higher)


7 (or higher)


10.1 (or higher)


12cR2 (or higher)

Eclipse Vert.x

3.1 (or higher)




Google Chrome

43 (or higher)

Build Servers


2.91 (or higher)

Java Version



Supported Code Languages

The following code languages can be scanned using CxIAST version 2.6.1





*Closed beta

Send Documentation Feedback - If you have comments about this documentation, you can contact the documentation team by sending your feedback to us. We appreciate your feedback!