Checkmarx CxSAST is a unique source code analysis solution that provides tools for identifying, tracking, and repairing technical and logical flaws in the source code, such as security vulnerabilities, compliance issues, and business logic problems.

...

The input to CxSAST's scanning and analysis is the source code, not binaries, so no building or compiling is required, and no libraries need to be available. The code doesn't even need to be able to compile and link properly. Consequently, CxSAST can run scans and generate security reports at any given point in a software project's development life cycle.

CxSAST supports Open Source Analysis (CxOSA), which enables licensing and compliance management, vulnerability alerts, policy enforcement, and reporting. CxOSA supports all the most common programming languages, so organizations can secure all their open source components in addition to the analysis coverage of their in-house developed code (see /wiki/spaces/CCOD/pages/853803100).

You can integrate CxSAST into several aspects of your development cycle, including software build automation tools (Apache Ant and Maven), software development version control systems (Git), issue tracking and project management software (JIRA), repository hosting services (GitHub), application vulnerability management platforms (ThreadFix), continuous integration platforms (Bamboo and Jenkins), continuous code quality inspection platforms (SonarQube), and source code management tools (TFS).

...
