CxSAST System Architecture Overview

The CxSAST system consists of the following components:


CxSAST supports the following clients (user interfaces):

  • Web Portal - provides an intuitive web interface to create, manage and analyze code scan projects in CxSAST.

  • CxAudit Guide - provides the capability to create or customize analysis queries for use in CxSAST.

  • API Guide - provides the capability for developers to create unique client implementations using the available APIs.

  • CLI - provides a command line interface for the CxSAST functionality and CI scenarios.

  • IDE Plugins - provide scanning and integrated scan result navigation directly from the IDE development environment.

  • CI/CD Plugins - provide integration to CxSAST compatible plugins (for example, Jenkins) for CI/CD scenarios.


CxSAST includes the following server components:

  • WS (IIS Web Service) - controls CxManager actions (i.e. initiating scans, viewing results and generating reports). Access Control manages roles and users.

  • CxManager - manages and integrates system components, performs all system functions utilizing the IIS Web and Result services.

  • ActiveMQ – manages messaging queues.

  • CxEngine - performs the code scans.

  • Database - stores scan results and system settings.

  • File System - controls how the data is stored and retrieved.

Architecture Types

CxSAST supports the following:

The communication between CxClient and CxManager and between CxManager and the CxEngine is maintained via HTTP by default, but can be configured to be maintained via HTTPS instead.

Starting with CxSAST v9.4.0, M&O is no longer available for new installation. For previous information about M&O, please refer to Management and Orchestration.