Binding a Visual Studio Project
Code projects can be configured in one of two CxSAST modes:
Unbound: Each time you run a scan from the IDE, a new CxSAST project is created. Your scan results can be set to appear or not appear in other developers' installations.
Bound: The code project is associated with a specific CxSAST project. Scans are run according to CxSAST project settings (automatically, via CxSAST web interface or from the IDE). All installations of the IDE with projects bound to the CxSAST project can download the latest scan results.
Binding a Project
By default, code projects are unbound. The Checkmarx SAST plugin for Visual Studio supports the following scenarios only:
The source code and the projects are part of a solution file and the solution file is opened in Visual Studio.
The source code is loaded in Visual Studio as a website.
Notice
The plugin is not supported, if the source code is opened as files or folders where Visual Studio is used as text editor only.
To bind a code project to a CxSAST project:
In the IDE, right-click the project and select CxViewer > Bind.
Select a CxSAST project, and then click Bind. The project is bound, and the CxSuite's latest scan results are downloaded to the IDE.
To bind a project, if the code is opened as a website:
Open the website project by opening File > Open > Website.
Select the project as illustrated below. The plugin menu appears even if the code is opened as a website.
The scan can be performed on a single file or folder as well.
Downloading Scan Results
After binding the project, the scan results of this project are automatically downloaded. Subsequently, scan results need to be manually downloaded.
To download scan results to a bound project:
In the IDE, right-click the project and select CxViewer > Retrieve Results.
Unbinding a Project
To unbind a project:
In the IDE, right-click the project and select CxViewer > Unbind.