CxSCA - Integrations and Plugins

CxSCA, using plugins, can be integrated into development tools, so that open source packages can be automatically scanned during the development process. For example, the Checkmarx Plugin for Jenkins enables SCA scanning to be configured as part of the build step, so that if vulnerabilities are discovered the build process can be terminated.

The Checkmarx Plugins provide software composition analysis based only on the manifest files and fingerprints. This analysis involves compressing and sending only the manifest files, configuration files, file names, and fingerprint data to the CxSCA cloud. The source code is not sent to the cloud.

The following plugins support CxSCA:

Platform

Plugin Documentation

Platform

Plugin Documentation

CLI

CLI Plugin

CxFlow

CxFlow

Jenkins

Jenkins Plugin

Azure DevOps

Azure DevOps (MS-VSTS)

TeamCity

TeamCity Plugin

Bamboo

Bamboo

For more information, visit Plugins & Integrations Documentation.

 

 

Related pages