Checkmarx One Azure DevOps Plugin
The Checkmarx One Azure DevOps plugin enables you to trigger SAST, SCA, IaC Security and API Security scans directly from an Azure DevOps pipeline. It provides a wrapper around the Checkmarx One CLI Tool which creates a zip archive from your source code repository and uploads it to Checkmarx One for scanning. This plugin provides easy integration with Azure while enabling scan customization using the full functionality and flexibility of the CLI tool.
Main Features
Automatically trigger SAST, SCA, IaC Security and API Security scans from Azure DevOps pipelines
Supports adding a Checkmarx One scan as a pre-configured task or as a YAML
Supports use of CLI arguments to customize scan configuration
Interface for viewing scan results summary and trends in the Azure environment
Direct links from within Azure to detailed Checkmarx One scan results and reports
Supports Team Foundation Version Control (TFVC) based repos.
Prerequisites
You have a Checkmarx One account and you have an OAuth2 Client ID and Client Secret for that account (see Creating an OAuth2 Client for Checkmarx One Integrations) or you have a Checkmarx One API Key (see Generating an API Key).