Checkmarx
Visualize Checkmarx scan assessments, findings, and teams, and monitor changes through queries and alerts.
- Installation guide
- Checkmarx data model
Installation
The integration connects directly to Checkmarx SAST API. You will need Checkmarx service account user credentials and the associated Checkmarx Hostname to enable this integration.
To install the Checkmarx integration in JupiterOne, navigate to the Integrations tab in JupiterOne and select Checkmarx. Click New Instance to begin configuring your integration.
Creating a configuration requires the following:
The Account Name used to identify the Checkmarx account in JupiterOne. Ingested entities will have this value stored in
tag.AccountNamewhen theAccountNametoggle is enabled.Description to assist in identifying the integration instance, if desired.
Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as
DISABLEDand manually execute the integration.Your Checkmarx user's Client username, and Client password for the Checkmarx.
The Client Hostname for your Checkmarx instance. For example,
https://{hostname.checkmarx.net.If you are using a custom host, please make sure to include
.checkmarx.netwith the subdomain and omit thehttps://protocol.
Click Create once all values are provided to finalize the integration.
The Checkmarx integration retrieves the latest project scan. If it has failed, then the integration will use the last successful scan instead.
Next steps
Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.
Data Model
Entities
The following entities are created:
| Resources | Entity _type | Entity _class |
|---|---|---|
| Account | checkmarx_account | Account |
| Assessment | checkmarx_scan | Assessment |
| Finding | checkmarx_finding | Finding |
| Project | checkmarx_project | Project |
| Service | checkmarx_dast_scanner | Service |
| Team | checkmarx_team | Team |
Relationships
The following relationships are created:
Source Entity _type | Relationship _class | Target Entity _type |
|---|---|---|
checkmarx_account | HAS | checkmarx_dast_scanner |
checkmarx_account | HAS | checkmarx_team |
checkmarx_dast_scanner | PERFORMED | checkmarx_scan |
checkmarx_project | HAS | checkmarx_scan |
checkmarx_scan | IDENTIFIED | checkmarx_finding |
checkmarx_team | HAS | checkmarx_project |
Mapped Relationships
The following mapped relationships are created:
Source Entity _type | Relationship _class | Target Entity _type | Direction |
|---|---|---|---|
checkmarx_project | SCANS | *CodeRepo* | FORWARD |