Tuesday, 21 March 2017

CheckMarx Secure Code Analyzer

  1. Login into CheckMarx using your Credentials.
  2. Go to Projects & Scans and select " Create New Project ".

  3. After select, you need to give project name, Select Preset in the field (General Tab). As shown below.
    Example :- Project Name : Universal Payment
                      Preset : APPSEC-Java-JS

  4. Click on Next. you can see Location tab, Click Source Control then click on Select button. new window will popup in there you need to select folder for Source Control i.e. SVN, GIT etc. 
  5. In Port number by default 8080 will show, we need to change 8080 to 443.
  6. Select " Required Authentication " , Enter your User Name and Password (Enterprise ID and Password). and Click on OK.

  7. After Clicking OK you can see another window where you need to select " Root " folder of Project and Click on OK.

  8. After Clicking OK, you can see Source Control got selected, Then click on Next.

  9. In next Scheduling tab select " None " and click on Next.

  10. Next in Advanced Actions tab Enter email to Example : your_email Id and select run post scan action (New_Eport_Script: PrepareAgregatedResult4Splunk.bat [XML_output]). and click on Next.

  11. In next Custom Fields Tab, select Next, and in Data Retention tab select Finish button. you can see Project got Added.

  12. Click on Full scan. it will take time to scan Project.

  13. After completed scan, click on View Project Scan.

  14. After Clicking view project scan, you can see below window. click on Create Report.

  15. After Clicking create report you can see popup window. in there form Report Format select format which is you wants to be created Example : PDF, CSV etc. and click on Generate Report Button.

  16. After Clicking Generate report it will take some time to get generate the report and will download in your local machine (Download folder).

Enjoy Learning.

No comments:

Post a Comment