View Source

To configure CxSAST to run an executable before or after a scan, do the following:

1. Upload an executable: To ensure the integrity of the system and to restrict access, executable files must be uploaded manually by approved personnel.

The location used by CxSAST for executable files appears in Settings > Application Settings > General > Executables Folder.

2. Define an Action for the executable: Go to Settings > Scan Settings > Pre & Post Scan Actions > Create New Action, and configure the following:

Checkmarx Knowledge Center > Configuring an Executable Action > Create New Pre-Post Scan Action_full.jpg

Action Type: Pre-scan or Post-scan.
Name: This will appear in a drop-down list when assigning the actions to a project.
Command: Use the syntax as required by the executable or select from the list.

The command must use the same name that is used for the file located in the ‘Executables’ folder as defined in Settings > Application Settings > General > Executables Folder. Files in the 'Executables' folder appear in the drop-down list.

3. Enter the arguments required by the command.

4. For post-scan actions, you can also select whether the scan results should be XML or CSV.

5. Assign the action to a project: In a project's Advanced Actions tab, select an action from the list:

Checkmarx Knowledge Center > Configuring an Executable Action > Advanced Action - Post Scan.jpg

6. Click <Finish>.

See also: Management Settings > Scan Settings