Creating and Managing CxOSA Projects

Checkmarx Open Source Analysis (CxOSA) can be added to an existing CxSAST project in cases where open source components are used as part of the development effort. When CxOSA is activated, Checkmarx sends a fingerprint, or full inventory to the CxOSA cloud service. Using fingerprint/inventory, the CxOSA service maps the open source libraries, identifies any vulnerabilities, analyses license risk and compliance, builds inventory and detects outdated libraries.



Send Documentation Feedback - If you have comments about this documentation, you can contact the documentation team by sending your feedback to usWe appreciate your feedback!