README
¶
SAST to AST Export
SAST to AST Export is a standalone Checkmarx tool.
Explore the documentation »
Report Bug
·
Request Feature
SAST to AST Export
Exports triaged SAST results for import into AST.
Description
Fetches SAST triaged results and exports as an encrypted package, which can then be imported in AST.
Repo
Owners:
Thanos (previously)
AceOfSpades (previously)
Adamastor (current)
Getting Started
Prerequisites
Microsoft Windows x64
SAST v9.3 or higher.
Installation
- Download the latest version and extract the package contents
- Create export user in SAST
- Assign the following permissions:
- Sast > API > Use Odata
- Sast > Reports > Generate Scan Report
- Sast > Scan Results > View Results
- Access Control > General > Manage Authentication Providers
- Access Control > General > Manage Roles
- Assign the following permissions:
- Please refer to Wiki for more details
Execution
Run export with:
.\cxsast_exporter --user username --pass password --url http://localhost
- Replace
usernameandpasswordwith user credentials. - Replace
http://localhostwith the url to SAST, if necessary. - For detailed usage instructions, please refer to Wiki
Additional Documentation
- Technical Design Internal Wiki
- Importing SAST to Checkmarx One Wiki
- Importer Repo Wiki
Similarity Calculator
The exporter relies on a Windows binary for similarity calculation.
This is internally built by Checkmarx and provided in the external folder for inclusion with the build.
Internal repo
Contributing
We appreciate feedback and contribution to this repo! Before you get started, please see the following:
License
Distributed under the Apache 2.0. See LICENSE for more information.
Documentation
¶
There is no documentation for this package.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
pkg
|
|
|
aesctr
aesctr Credits: https://github.com/Xeoncross/go-aesctr-with-hmac
|
aesctr Credits: https://github.com/Xeoncross/go-aesctr-with-hmac |
|
test
|
|
|
mocks/app/ast_query
Package mock_interfaces is a generated GoMock package.
|
Package mock_interfaces is a generated GoMock package. |
|
mocks/app/ast_query_id
Package mock_app_ast_query_id is a generated GoMock package.
|
Package mock_app_ast_query_id is a generated GoMock package. |
|
mocks/app/ast_query_mapping
Package mock_interfaces is a generated GoMock package.
|
Package mock_interfaces is a generated GoMock package. |
|
mocks/app/export
Package mock_app_export is a generated GoMock package.
|
Package mock_app_export is a generated GoMock package. |
|
mocks/app/installation
Package mock_installation_interfaces is a generated GoMock package.
|
Package mock_installation_interfaces is a generated GoMock package. |
|
mocks/app/metadata
Package mock_app_metadata is a generated GoMock package.
|
Package mock_app_metadata is a generated GoMock package. |
|
mocks/app/method_line
Package mock_app_method_line is a generated GoMock package.
|
Package mock_app_method_line is a generated GoMock package. |
|
mocks/app/preset
Package mock_preset_interfaces is a generated GoMock package.
|
Package mock_preset_interfaces is a generated GoMock package. |
|
mocks/app/queries
Package mock_interfaces_queries is a generated GoMock package.
|
Package mock_interfaces_queries is a generated GoMock package. |
|
mocks/app/source_file
Package mock_app_source_file is a generated GoMock package.
|
Package mock_app_source_file is a generated GoMock package. |
|
mocks/integration/rest
Package mock_integration_rest is a generated GoMock package.
|
Package mock_integration_rest is a generated GoMock package. |
|
mocks/integration/similarity
Package mock_integration_similarity is a generated GoMock package.
|
Package mock_integration_similarity is a generated GoMock package. |
|
mocks/integration/soap
Package mock_integration_soap is a generated GoMock package.
|
Package mock_integration_soap is a generated GoMock package. |