Checkmarx CxSAST is a unique source code analysis solution that provides tools for identifying, tracking, and repairing technical and logical flaws in the source code, such as security vulnerabilities, compliance issues, and business logic problems. Using the CxSAST Auditor tool, you can configure your own additional queries for security, QA, and business logic purposes.
CxSAST provides scan results either as static reports, or in an interactive interface that enables tracking runtime behavior per vulnerability through the code, and provides tools and guidelines for remediation. Results can be customized to eliminate false positives, and various types of workflow metadata can be added to each result instance. Metadata is maintained through subsequent scans, as long as the instance continues to be found.
CxSAST includes a REST-based CxSAST API that supports the latest version of the REST protocol. The CxSAST (REST) API provides the ability to manage all CxSAST related tasks. The following data can be consumed through the CxSAST (REST) API; Login, Projects, Scans, Scan Results, Scan Reports, Engines, Managing Users, Data Retention and Open Source Analysis. For more information about the CxSAST (REST) API, refer to the CxSAST (REST) API Summary.