Viewing the Scan History Tab

The Scan History tab presents a list of all the scans that were performed within a project.

Each record shows information about a scan that was completed. The screen images illustrate a scenario where all four scanners were used for the scan.

The information appears in a table with each column indicating a different value. These values are listed and explained in the table below.

| Column | Description | Possible Values |
|---|---|---|
| Scan Date | The date and time on which the scan was performed | For example: Thursday, September 15, 2022, 11:46 PM |
| Branch | The branch that has been scanned. For .zip files, the value is N/A. | Master (or any other branch); N/A |
| Tags | Project tags | Any value |
| Initiator | The client who initiated the scan | Username; CLI; GitHub-Action-Integration |
| Scan Origin | Where the scan was triggered from | Browser; CLI |
| Source | Source file format | GitHub; GitLab; Zip |
| Scanners | The scanners that have been used for the scan | SAST; SCA; IaC Security; APISEC |
| Severity | The number of vulnerabilities, distributed by severity | High; Medium; Low |
| Scan Type | Scan Type | Full Scan; Incremental |
| Duration | Scan duration | HH:MM:SS |
| Status | Scan status | Completed; Partial (for example, the scan failed for one scanner but completed for the remaining ones); Failed (for all used scanners); Canceled |
| | Options for what to do with the scan | Delete the scan; Generate a report |

Opening Scan Results

Clicking a specific scan opens a Preview pane on the right side of the screen. From the Preview pane, you can open the Scan Results page for that specific scan.

  • Click <Results> to display the scan results for the requested scan type.

Filtering the Scans List View

Filtering Branches

By default, the Scans list is filtered by Branch.

The Scans list view includes only the repository-based scans.

Filtering Zip Files

In Checkmarx One, the filter value for zip source files is N/A.

The Scans list view includes only the zip file scans.

Deleting a Scan

You can delete any scan marked as Completed from the Scan History screen.

To delete a scan:

  1. Click the More Options icon and then select Delete Scan (trash bin icon).

  2. Click <OK> to confirm your request.

SAST Scans Comparison

The SAST comparison feature compares the SAST results of 2 SAST scans of the same branch or zip file.

It gives the user a better understanding of which SAST vulnerabilities were added, fixed, or reoccurred between scans of the same repository branch or zip file.

Checkmarx One provides an interactive interface for the SAST comparison, similar to the results interface for a single scan.

Comparing SAST Results

To compare SAST results, perform the following:

  1. Perform at least 2 SAST scans of the same repository branch or zip file.

  2. Open the projects page using one of the methods described in Viewing the Project Page.

  3. Click Scan History.

  4. Select 2 scans from the list.

    Note

    The scans can be full scans or incremental.

  5. Click Compare SAST Results.

    The SAST results viewer opens.

  6. Expand the relevant language/vulnerability.

  7. Click one of the findings.

    The SAST code viewer opens with a comparison between the 2 selected scans.

Note

The user can see 3 different result statuses:

  • New Issues: Issues that were found only in the newer scan.

    The user can also add notes and change the state; those changes are reflected in the most recent scan.

  • Fixed Issues: Issues that were found only in the older scan.

    The user can't add notes or change the state, because the result is fixed.

  • Recurring Issues: Issues that were found in both scans.

    The user can also add notes and change the state; those changes are reflected in the most recent scan.

Limitations

  • The feature supports only SAST scans. If one of the selected scans doesn't include the SAST scanner, the comparison option is greyed out and disabled, with a suitable tooltip.

  • The comparison is performed using 2 SAST scans. If the user selects more than 2 scans, the comparison option is greyed out and disabled, with a suitable tooltip.
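
The result statuses and limitations described above can be reproduced outside the UI, for example to gate a build on new findings. The following is an added example, not Checkmarx code or its API: the scan dictionaries, their field names and the `fingerprint`-style finding identifiers are constructed assumptions modelled on the Scan History columns.

```python
from datetime import datetime

# Constructed sample scans. Field names are assumptions modelled on the
# Scan History columns; each finding is a hypothetical stable fingerprint.
OLDER = {
    "scan_date": datetime(2022, 9, 14, 23, 46),
    "branch": "master",
    "scanners": {"SAST", "SCA"},
    "sast_findings": {"sqli:login.py:query", "xss:search.py:render"},
}
NEWER = {
    "scan_date": datetime(2022, 9, 15, 23, 46),
    "branch": "master",
    "scanners": {"SAST"},
    "sast_findings": {"xss:search.py:render", "path-traversal:files.py:open"},
}


def compare_sast(scans):
    """Classify the SAST findings of two scans as new, fixed or recurring."""
    # Limitation: the comparison uses exactly 2 scans.
    if len(scans) != 2:
        raise ValueError("select exactly 2 scans")
    # Limitation: both scans must include the SAST scanner.
    if any("SAST" not in s["scanners"] for s in scans):
        raise ValueError("both scans must include the SAST scanner")
    # Same branch required. Zip scans all show N/A, so this simplified
    # check cannot tell two different zip files apart.
    if scans[0]["branch"] != scans[1]["branch"]:
        raise ValueError("scans must be of the same branch or zip file")
    # Order by scan date so selection order cannot swap "new" and "fixed".
    older, newer = sorted(scans, key=lambda s: s["scan_date"])
    old_f, new_f = older["sast_findings"], newer["sast_findings"]
    return {
        "new": sorted(new_f - old_f),        # only in the newer scan
        "fixed": sorted(old_f - new_f),      # only in the older scan
        "recurring": sorted(new_f & old_f),  # in both scans
    }


if __name__ == "__main__":
    for status, items in compare_sast([NEWER, OLDER]).items():
        print(f"{status}: {items}")
```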