Best Fix Location API (SAST)
This API enables you to get the Best Fix Location information for a specific scan (by Scan ID). You can optionally limit the response to a specific vulnerability by specifying a query id.
Overview
Checkmarx uses proprietary algorithms to determine the Best Fix Location, i.e., the strategic mitigation point where remediation is most effective. For example, when the attack vectors for multiple vulnerabilities pass through a particular node, by adding a sanitizer or validation for that node you can remediate several different vulnerable data flows in one shot. This can greatly reduce the time and effort required to remediate the vulnerabilities in your code.
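To make the idea of a shared node concrete, the following added example (not Checkmarx code, and not the proprietary algorithm) ranks nodes by how many data flows pass through them using a simple greedy cover. The flow ids and file:line node labels are constructed sample data.

```python
from collections import defaultdict

# Constructed sample: each flow is the ordered list of nodes (file:line labels)
# from source to sink for one finding. All names here are hypothetical.
FLOWS = {
    "sqli-1": ["Login.java:12", "Util.java:40", "Dao.java:77"],
    "sqli-2": ["Search.java:8", "Util.java:40", "Dao.java:91"],
    "xss-1": ["Search.java:8", "Util.java:40", "View.java:15"],
    "xss-2": ["Profile.java:22", "View.java:30"],
}


def rank_fix_points(flows):
    """Greedy cover: repeatedly pick the node that lies on the most
    not-yet-covered flows. Returns [(node, [flow ids it remediates]), ...]."""
    # De-duplicate nodes inside each path so a loop is not counted twice.
    remaining = {fid: list(dict.fromkeys(path)) for fid, path in flows.items()}
    plan = []
    while remaining:
        hits = defaultdict(list)
        for fid, path in remaining.items():
            for depth, node in enumerate(path):
                hits[node].append((fid, depth))

        def score(item):
            # Most flows first; ties go to the node deeper in its flows
            # (larger summed index), then to the name for determinism.
            node, seen = item
            return (-len(seen), -sum(d for _, d in seen), node)

        node, seen = min(hits.items(), key=score)
        covered = sorted(fid for fid, _ in seen)
        plan.append((node, covered))
        for fid in covered:
            del remaining[fid]
    return plan


if __name__ == "__main__":
    for node, fixed in rank_fix_points(FLOWS):
        print(f"{node}: remediates {len(fixed)} flow(s) -> {', '.join(fixed)}")
```

With the sample data, one sanitizer at the shared node covers three of the four flows, and the remaining flow needs its own fix.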
Best Fix Location URL
The URL for Best Fix Location endpoints is <base_url>/api/bfl
Swagger
To view these APIs in the Swagger UI and run sample API calls, go to <base_url>/spec/v1/ and select Best Fix Location in the definition field.
Authentication
Authentication for all Checkmarx One endpoints is done using a JWT (JSON Web Token) access token. Access tokens are generated using the Authentication API.