Feedback Apps

The Feedback Apps feature exports Checkmarx One scan results to an external tool, such as a bug tracking service, a team collaboration tool, or a file.

Notice

Feedback Profiles can be assigned to the following scan types:

  1. ZIP scans for any supported SCM.

    For additional information see Checkmarx One SCM Integrations

  2. Repository scans for any supported SCM.

    For additional information see Checkmarx One SCM Integrations

  3. ZIP scans for Checkmarx projects (Manually created projects).

    For additional information see Creating a Checkmarx Project

  4. Repository scans for Checkmarx projects (Manually created projects).

    For additional information see Assigning a Feedback Profile to a Checkmarx Project - Repository path scans

Feedback Profiles contain Feedback Apps, divided into 3 types:

  • Bug Tracking tools are Jira, GitHub Issues, and Azure DevOps Bug Board.

  • Team Collaboration tools are Slack and Microsoft Teams.

  • File exports are SARIF and JSON.

Other types of Feedback Apps will be supported as well, such as Agile Planning tools (for example, Rally) and many others.

Almost all Checkmarx users use Bug Trackers to triage and manage bugs, and Team Collaboration tools to notify other team members about vulnerabilities.

The Feedback Apps automation will create, modify, and close bug tracking tickets and/or automate collaboration tools to notify team members about security vulnerabilities.

It is also possible to use multiple Feedback Apps together, for example, to create a bug in Jira and send a Slack message.

To handle this type of request, we need to Create a New Feedback Profile that will handle one or more Feedback Apps.