Skip to main content

Creating and Managing CxOSA Projects

Checkmarx Open Source Analysis (CxOSA) can be added to an existing CxSAST project in cases where open source components are used as part of the development effort. When CxOSA is activated, Checkmarx sends a fingerprint, or full inventory to the CxOSA cloud service. Using fingerprint/inventory, the CxOSA service maps the open source libraries, identifies any vulnerabilities, analyses license risk and compliance, builds inventory and detects outdated libraries.