Version 3.7
Multi-Tenant release date: February 18, 2024
New features and enhancements
SAST engine update
The SAST engine in Checkmarx One has been updated to version 9.6.3.
Filtering by project or application
This version introduces enhanced filter design with dynamic options for projects and applications:
Separate drop-downs for Project & Applications, CX Scanners, and Date range filters, each with clear labeling and user-friendly interaction.
Projects & Applications filter with API integration, search, autocomplete, and pagination for streamlined project selection.
CX Scanners filter to enable data filtration based on scanner types.
Improved date range selection with an intuitive combined time and date picker.
Less frequently used filters are now consolidated into a single Other Filters dropdown.
Disabling updates for recurrent issues
Continuous integration and continuous deployment (CI/CD) projects may encounter recurrent issues multiple times daily, leading to excessive Jira updates. To reduce unnecessary notifications, we have introduced an option to disable updates for recurrent issues in Checkmarx One.
Automatic assignment of new project to application
It is now possible to create a project within the application, ensuring its automatic assignment to the respective application.
Executive Overview dashboard in Analytics
The Analytics module now features a new dashboard focused on widgets for the CISO and higher management.
Note
Currently available for early adopters only.
Resolved issues
Errors with Jira Priority Mapping causing issues to not flow to JIRA.
GitHub Integration App failing to create tickets in GitHub without admin-level permissions.
Inconsistent comments on pull request scans for forks.
JIRA Feedback App Setup encountering issues with Transition States data.
Vulnerability statuses not updating in the UI.
No results visible for multiple projects.
Checkmarx SCA unable to resolve go.mod with go version 1.21.
TypeError: Cannot read properties of undefined (reading
startsWith)AST failing on KICS scan when scanning JSON files.
Swagger description for
sortAPI parameter inconsistent with actual API execution.Issues with sast-results-filter for greater than/less than comparisons.
Improper status and message in
api/applications POST/{id}/project-ruleswhen adding existing rules.Incorrect vulnerability count in CSV report on Projects list page.
Error when opening Application with inaccessible projects.
Work items not listed for one project.
Predicate change in performance environment getting stuck.
Failed creation of Feedback app from issue type "Bug" due to required fields.
Backward compatibility issue in API (api/cx-audit).
Scans getting stuck or hanging in queue, including those in Redis "Running" queue.
Unable to change status of supply chains only (Checkmarx One and CxSCA).
Unstable Scan Management\Preset page (Error 502 bad gateway).
Download Logs option missing when viewing projects at the application level.
SCA Resolver Version 2.6.1 (Feb 12, 2024)
We released a new version of the SCA Resolver tool which includes the following improvements:
Added a flag
--ignore-test-dependenciesfor ignoring test dependencies.For Nuget, added support for VB.NET projects.
Fixed exception during the FolderAnalyzer step.
For Ivy, fixed a bug when build.xml does not have a target node.
Download the new version here.