Checkmarx IDE for Visual Studio Code - V 1
Prerequisites
Before you begin, ensure the following prerequisites are met:
- VS Code version 1.63.0+
- Checkmarx One account credentials
- API keys: You can generate your API keys by following the API Key Generation Guide
  Important: The roles (permissions) assigned to an API Key are inherited from the user who is logged in when the API key is generated. Make sure your account has appropriate permissions to run scans by checking with the CloudOne Support team
- Checkmarx project: A Checkmarx project must already exist. If it doesn't, you can create a project manually following these steps:
  - Navigate to your application in Checkmarx One
  - Click New Project - Manual Scan
  - Type the project name as <3-letter-app_code>/<repo_name>
  - Click Create
  - From the new project, under the Source column, click the Scan icon
  - Provide the repository URL, click Fetch Branches, and then enter your API token generated within CloudOne
For more details, refer to these resources:
Getting Started
Step 1: Installing the Checkmarx VS Code Extension
- Open Visual Studio Code
- Go to the Extensions view by clicking the Extensions icon on the Activity Bar (Ctrl+Shift+X, or Cmd+Shift+X on macOS)
- Search for Checkmarx in the Extensions marketplace
- Click Install on the Checkmarx extension provided by Checkmarx Inc
  Note: Ensure you have a Checkmarx One account and API token to enable authentication and access to Checkmarx One
Step 2: Configuring the Checkmarx Extension
- After installation, click on the Checkmarx extension icon and then click on the Open Settings button
- In the API Key field, enter your Checkmarx One API Key
  Note: For more details on configuring your connection, refer to the official documentation
Step 3: Running Scans
- Import Results: In the Checkmarx panel, click the Checkmarx icon in the left-side navigation. Enter the Scan ID to import the results from Checkmarx One
- Running a New Scan: Select the existing Checkmarx project and branch. Hover over the Checkmarx One Results panel and click the "Run Scan" button to initiate a new scan
- Viewing Results: After the scan completes, a dialog will appear asking if you’d like to load the results. Click Yes to view them in the Checkmarx panel
- Viewing Vulnerabilities: Click on individual vulnerabilities to view detailed information and suggested remediation
For more detailed instructions, refer to the Checkmarx One IDE Plugins documentation