
Viewing GitHub Action Checkmarx One Scan Results

There are several ways to view GitHub Action scan results.

Viewing the Scan Results Summary in GitHub

You can view a summary of your scan results in GitHub.

  1. Navigate back to your GitHub repository's Actions tab and click on your workflow run to see the build.

  2. Click on build to see details of the run.

    The build details are shown.

  3. Click on Checkmarx One GitHub Action.

    The section expands.

  4. Scroll down to the bottom of the log to view a summary of the scan results, including the number of High, Medium, and Low issues as well as the number of Kics, CxSAST, and CxSCA issues.

Viewing Alerts in GitHub

If your workflow includes the code to import your Checkmarx scan results into GitHub, you can view the results in the Security tab, under Code scanning alerts.

  1. Navigate to your GitHub repository's Security tab.

  2. Click on Code scanning alerts to view the vulnerabilities identified by Checkmarx One.

  3. Click on the name of an alert (vulnerability) to see more detailed information.

    The vulnerability details are shown.

Viewing Pull Request Decoration

For scans that were triggered by a pull request in GitHub, the pull request is decorated with a comment showing a list of new vulnerabilities that were introduced by the code change as well as a list of vulnerabilities that were fixed by the code change.

Viewing Your Results in the Checkmarx UI

You can view detailed information about your scan results in the Checkmarx UI. For more information about viewing scan results, see Viewing the Project Page.