CxSAST System Architecture Overview (v8.8.0)
The CxSAST system architecture overview includes the following components:
CxClient
CxSAST supports the following clients (user interfaces):
- Web Portal - provides an intuitive web interface for managing and analyzing code scan projects for CxSAST.
- CxAudit - provides the capability to create or customize analysis queries for use in CxSAST.
- API - provides the capability for developers to create unique client implementations using the available APIs.
- CLI - provides a command line interface for CxSAST functionality and CI scenarios.
- IDE Plugins - provides scanning and integrated scan result navigation directly from the IDE development environment.
- CI Plugins - provides integration with CxSAST-compatible plugins (e.g. Jenkins) for CI/CD scenarios.
CxServer
CxSAST includes the following server components:
- WS (IIS Web Service) - controls CxManager actions (i.e. initiating scans, viewing results and generating reports).
- CxManager - manages and integrates system components and performs all system functions using the IIS Web Service.
- Application Risk Management (Optional) - manages security risk, helping to drive decisions across the organization based on actionable data.
- CxEngine - performs the code scans.
- Database - stores scan results and system settings.
- File System - controls how the data is stored and retrieved.
Architecture Types
CxSAST supports the following architecture types:
- Centralized Architecture - where all server components are installed on the same host.
- Distributed Architecture - where any or all of the server components are installed on dedicated hosts.
- High Availability Architecture - where more than one manager is available to control system management, ensuring that in cases where one manager fails the system will continue to be fully operational.
Communication between the CxClient and the CxManager, as well as communication between the CxManager and the CxEngine, is over HTTP by default. HTTPS can also be configured.