Skip to main content

TeamCity Plugin Overview

CxSAST, CxSCA and CxOSA scan can be performed directly from a TeamCity environment by using the TeamCity's Checkmarx plugin.

CxSAST

Checkmarx CxSAST is a powerful Static Source Code Analysis (SAST) solution designed for identifying, tracking and fixing technical and logical security flaws. CxSAST is integrated seamlessly into the Software Development Life Cycle (SDLC), enabling the early detection and mitigation of crucial security flaws.

The Checkmarx TeamCity Plugin is installed in the TeamCity environment and offers the following:

  • Automatic code scan upon triggered builds, uploading the project's code to CxSAST directly from TeamCity.

  • Interface for viewing scan results summary and trends in the TeamCity environment.

  • Direct links from within TeamCity to detailed CxSAST scan results and reports.

CxSCA

The Checkmarx TeamCity Plugin is installed in the TeamCity environment and offers the following:

  • Automatic code scan upon triggered builds, uploading the project's code to CxSCA directly from TeamCity.

  • Interface for viewing scan results summary and trends in the TeamCity environment.

  • Direct links from within TeamCity to detailed CxSCA scan results and reports.

TeamCity uses a new core library with better compatibility and increased result accuracy. A new capability extracts dependencies resolving manifest files on the customer side:

  • Support for scanning the NPM package.json files

  • Support for scanning the Maven pom.xml files

  • Support for scanning the Python requirements.xml file

  • Support for scanning the NuGet .nuspec file

Using the Checkmarx TeamCity Plugin, software composition analysis (SCA) can be integrated into TeamCity so that open source packages can be automatically scanned during the development process. The Checkmarx Plugin for TeamCity enables CxSCA to be configured as part of the build step. Vulnerabilities discovered during the build process can thus be terminated.

The Checkmarx TeamCity Plugin provides software composition analysis based only on the manifest files and fingerprints. This analysis involves compressing and sending only the manifest files, configuration files, file names, and fingerprint data to the CxSCA cloud. The source code is not sent to the cloud.

CxOSA

TeamCity uses a new core library with improved compatibility and increased result accuracy. A new capability extracts dependencies resolving manifest files on the customer side:

  • Support for scanning the Python requirements.xml file

  • Support for scanning the NuGet .nuspec file