Azure DevOps (MS-VSTS) Plugin Overview (v8.4.1 to v8.7.0)

Visual Studio Team Services (MS-VSTS) is an extension of the Microsoft Visual Studio architecture that allows it to encompass development teams, with special roles and tools for software architects, developer specialties and testers. Visual Studio is a software development environment built on the .NET Framework that is designed for managing projects and development work in a variety of languages including Visual C# .NET, Visual C++ .NET, Visual Basic .NET, Visual J# and ASP.NET. VSTS includes software development, collaboration, measurement and reporting tools that fall broadly into server-side and client-side applications.

Checkmarx CxSAST is a powerful Static Source Code Analysis (SAST) solution designed for identifying, tracking and fixing technical and logical security flaws. CxSAST is integrated seamlessly into the Software Development Life Cycle (SDLC), enabling the early detection and mitigation of crucial security flaws.

The Checkmarx plugin for MS-VSTS is integrated seamlessly into the Microsoft’s Software Development Life Cycle (SDLC), enabling the early detection and mitigation of crucial security flaws. Checkmarx plugin for MS-VSTS provides the following key benefits:

  • Scan source code – integrates smoothly within the SDLC to provide detailed near real- time feedback on code security state
  • Best fix location – highlights the best place to fix your code
  • Quick and accurate scanning – reduce false positives, adapt the rule set to minimize false positives, and understand the root cause for results
  • Incremental scanning – just test the parts of the code that have been changed since last code check-in to reduce scanning time by more than 80%. Enables incorporation of the security gate within your continuous integration pipeline
  • Seamlessly integration – works with all IDEs, build management servers, bug tracking tools and source repositories

The Checkmarx plugin for Microsoft Visual Studio Team Services is integrated seamlessly into the Microsoft’s Software Development Life Cycle (SDLC), enabling the early detection and mitigation of crucial security flaws.

Prerequisites for CxSAST - MS-VSTS

  • Registered Microsoft Visual Studio Team Services Cloud version user
  • Access to the Checkmarx plugin

Checkmarx CxServer

  • Existing User – CxServer installed on Cloud (Checkmarx Cloud Account)
  • New User – Checkmarx for Microsoft Visual Studio Team Services Registration required
  • Firewall admin must open Firewall ports to allow VSTS servers to communicate with on-premise Checkmarx IIS installation, normally ports 80 or 443.
  • Please contact Checkmarx Support with any questions or issues.