Checkmarx
Instructions on how to configure API access for Checkmarx to fetch SAST, SCA, IaC, Container, and API Security Findings.
Supported Data Models
-
- type:
code
- type:
dependency
- type:
container
- type:
infrastructure
- type:
-
Resources
- type:
branch
- type:
Onboarding Checkmarx
Follow the steps below to onboard your environment to our Checkmarx integration.
Access Identity and Access Management for your Checkmarx One Environment
Once logged in to your Checkmarx One environment, navigate to Identity and Access Management unde the Settings menu.
Create an OAuth Client
- Navigate to OAuth Clients and click Create OAuth Client.
-
Provide a name and description.
-
Assign the appropriate roles/permissions. For example, at least the following scopes are required:
View-applications
View-projects
View-scans
View-results
Alternatively, you could assign a default composite role as mentioned below:
ast-viewer
- Click Save and securely store the Client ID and Client Secret.
Enter Configuration Parameters in Leen
In your Leen integration configuration, provide the following:
-
API Base URL: Provide the API BASE URL corresponding to your region. Refer the table below:
Region API Base URL US https://ast.checkmarx.net
US2 https://us.ast.checkmarx.net
EU https://eu.ast.checkmarx.net
EU2 https://eu-2.ast.checkmarx.net
Germany (DEU) https://deu.ast.checkmarx.net
Australia & NZ https://anz.ast.checkmarx.net
India https://ind.ast.checkmarx.net
Singapore https://sng.ast.checkmarx.net
UAE (MEA) https://mea.ast.checkmarx.net
Israel (Gov-IL) https://gov-il.ast.checkmarx.net
-
Tenant Name: Your Checkmarx One tenant name.
-
Client ID: From the last step.
-
Client Secret: From the last step.