Skip to main content

Creating Projects

Checkmarx One Projects creation and configuration can be performed using one of the following options:

  • Manual Scan

  • Code Repository Integration

Creating a Manual Scan Project

A Manual Scan Project is a Project that is manually created on the Application and Project home page.

After successfully logging in to Checkmarx One, the Applications and Projects home page appears.

To create a new Manual Scan project:

  1. In the Applications and Projects home page, click on the Image_937.png button and then select New Project - Manual Scan.

    Image_941.png

    The New Project window opens.

    Image_945.png
  2. In the New Project window, configure the following:

    • Project Name - Should indicate the source code to be scanned and tracked.

    • Project Tags (Optional) - Assign tags to a project. Tags are very useful for projects filtering purposes.

      Tagging has no dependencies in any other component, and it is possible to configure any required value.

    • Groups (Optional) - Assign groups to a project. Once a group is assigned to a project, all the group members will be able to perform actions in the project (Scan source codes, view results, etc.)

    • By Rule (Optional) - Rules that are configured in the Scanner Default Settings are presented in the Project configuration wizard. This option allows the user to perform the following:

      • See which rules were configured for the Tenant level.

      • Update/Add rules and apply them to the Project level.

    Note

    • By Rule is not supported by API Security at present.

      In case that no rules are configured via Scanner Default Settings no values are presented in the wizard

    • Project level is a higher configuration level than Tenant level. Setting the Allow Override option on the Tenant level allows overriding the parameters on the Project level.

    • Each scanner has a different set of Parameters.

    • Checking Allow_Override.pngAllow Override allows overriding the same parameter on a higher level of the configuration.

    • If the defaultConfig.xml file appears in the By Rule section, it indicates that customized settings for the default configuration were implemented at the tenant level with the intention of improving scan results or to assist in troubleshooting issues. Once these settings are established, they are automatically applied to every project.

      If you wish to use a different defaultConfig.xml file, reach out to support for assistance, or contact your Product Account Manager (PAM) directly.

  3. Click Create Project. The new project is successfully added to the list of projects.

    Image_942.png

Creating a Code Repository Integration Project

Checkmarx One provides the option to import any project from a Source Code Management tool (SCM). The projects can be imported from a Cloud Hosted environment or a Self-Hosted one.

Checkmarx has created a very easy and straightforward import process, with emphasis on the process simplicity.

Note

API Security does not support importing projects at present.

Cloud Hosted SCMs

Checkmarx One supports the 4 most common cloud based SCM’s. For more information, see Checkmarx One SCM Integrations.

Self Hosted SCMs

Checkmarx One supports the below several self-hosted SCM’s. For more information, see Checkmarx One SCM Integrations.