CLI tool to export data from CxSAST and import into Checkmarx Application Security Testing Platform

Checkmarx/sast-to-ast-export

SAST to AST Export

SAST to AST Export is a standalone Checkmarx tool.

Exports SAST triaged results for importing in AST.

Description

Fetches triaged results from SAST and exports them as an encrypted package, which can then be imported into AST.

Getting Started

Prerequisites

Microsoft Windows x64.

SAST v9.3 or higher.

Installation

  • Download the latest version and extract the package contents
  • Create export user in SAST
    • Assign the following permissions:
      1. Sast > API > Use Odata
      2. Sast > Reports > Generate Scan Report
      3. Sast > Scan Results > View Results
      4. Access Control > General > Manage Authentication Providers
      5. Access Control > General > Manage Roles
  • Refer to the Wiki for more details

Execution

Run export with:

.\cxsast_exporter --user username --pass password --url http://localhost
  • Replace username and password with the export user's credentials.
  • Replace http://localhost with the URL of the SAST server, if necessary.
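
An added example, not part of the project's own documentation or code: a PowerShell wrapper that prompts for the export user's credentials instead of typing the password into the command, and warns when the SAST URL is plain HTTP on a non-loopback host. Only --user, --pass and --url come from the command above; the script's parameter names and the expectation that the exporter exits non-zero on failure are assumptions.

```powershell
# Added example: wrapper around the export command shown above.
# Flags --user, --pass and --url are the ones the README documents.
param(
    [string]$SastUrl      = 'http://localhost',   # same default as the README command
    [string]$ExporterPath = '.\cxsast_exporter'   # path to the extracted binary (hypothetical parameter)
)

# Reject anything that is not an absolute URL before credentials are entered.
$uri = $null
if (-not [Uri]::TryCreate($SastUrl, [UriKind]::Absolute, [ref]$uri)) {
    throw "Not an absolute URL: $SastUrl"
}

# The export user's password is sent to this URL; plain HTTP is only
# reasonable when the exporter runs on the SAST host itself.
if ($uri.Scheme -ne 'https' -and -not $uri.IsLoopback) {
    Write-Warning "Credentials will be sent unencrypted to $($uri.Host). Use an https:// URL."
}

# Prompting keeps the password out of scripts and out of the shell history.
$cred = Get-Credential -Message 'Credentials of the SAST export user'
if (-not $cred) { throw 'No credentials supplied.' }

# The exporter takes the password as an argument, so it has to be converted
# to plain text here. It is still visible in the process command line while
# the export runs, so run this on a host where that is acceptable.
$plain = $cred.GetNetworkCredential().Password
try {
    & $ExporterPath --user $cred.UserName --pass $plain --url $SastUrl
    # Assumption: the exporter signals failure with a non-zero exit code.
    if ($LASTEXITCODE -ne 0) {
        throw "cxsast_exporter exited with code $LASTEXITCODE"
    }
}
finally {
    # Drop the plain-text copy as soon as the process has finished.
    Remove-Variable -Name plain, cred -ErrorAction SilentlyContinue
}
```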

Additional Documentation

Refer to the project Wiki for additional information.

Similarity Calculator

The exporter relies on a Windows binary for similarity calculation. This is internally built by Checkmarx and provided in the external folder for inclusion with the build.

Contributing

We appreciate feedback and contribution to this repo! Before you get started, please see the following:

License

Distributed under the Apache 2.0 License. See LICENSE for more information.