Skip to main content

Setting Up the Visual Studio Plugin


  • The current version of the Visual Studio plugin supports Visual Studio 2019 and Visual Studio 2022.

  • The CxSAST Visual Studio plugin within the plugins repository is only compatible with the latest CxSAST version, therefore any previous version of the CxSAST Visual Studio plugin must be upgraded to the current version by uninstalling any previous version of the CxSAST Visual Studio plugin using Add/Remove Programs and Features.

To install and configure the CxSAST Visual Studio plugin:

  1. Shut down the Microsoft Visual Studio application.

  2. Navigate to and download the CxSAST Visual Studio Plugin zip archive.

  3. Extract the zip archive to a folder of your choice.

  4. Navigate to and double-click the included .vsix file to start installing the Visual Studio plugin.

  5. Confirm any security warnings and run the installation wizard. Make sure to select the relevant Visual Studio version or versions.

  6. Once the installation is complete, start Visual Studio and go to Tools > Options > CxViewer > Authentication. The exact location of the Authentication section depends n the version in use. The Authentication window is displayed.

  7. Enter the URL of the CxSAST server into the Server URL field, for example http://<server_name>.

  8. Click <Login> to authenticate. By default, the Access Control Login page appears in your browser.


In addition, the Visual Studio plugin supports authenticating via its own login prompt.

To enable athentication via this login prompt:

  1. Go to the File Explorer and navigate to the CxVSPlugin.conf file, which is located under \Visual Studio 2019\Settings.

  2. Open CxVSPlugin.conf and add the following XML tag somewhere under the <LoginData> XML tag.


  3. If the <AuthenticationType> tag is already present, change its value from access_control to username_password.

  4. Restart Visual Studio.


The Logout button can be used in case you want to log in using a different user or to a different server.

To complete installing and configuring the CxSAST Visual Studio plugin:

  1. Check Trust All SSL Certificates to add certified security to the connection.

    • If checked (by default), all certificates are trusted.

    • If cleared, only certificates signed by a trusted certificate authority are accepted.

  2. Click <Apply> and then <Close>.


The Trust All SSL Certificates checkbox only shows, if the URL starts with https (SSL)

To disable optimizing rendering for screens with different pixel densities:

  1. In Visual Studio, select Tools from the menu. The Tools menu appears.

  2. From the Tools menu, select Options. The Options dialog appears.

  3. Select General and make sure that the Optimize Rendering for Screens with different Pixel Densities checkbox is cleared as illustrated below.

  4. Click <OK> to apply your setting. You have to restart Visual Studio for the change to take effect.



Disabling this option is crucial. If it remains enabled, scan results may not apperar listed.

To validate the version of the installed plugin:

  • Navigate to Extensions > Manage Extensions and confirm that the correct version is listed.

To remove the Visual Studio plugin:

  • If you need to remove the plugin, first unbind all projects and then follow the instructions to uninstall the Checkmarx plugin.