Checkmarx
PlexTrac supports importing XML files from Checkmarx.
Below are the mappings of fields and any reference notes to provide context. If a field is not listed, then PlexTrac does not currently import.
PlexTrac finding field | Checkmarx path | Notes |
|---|---|---|
title | <Query Name=(attribute value for title)> | The Name attribute in the Query element has _ in the name, we replace the _ with " " to create the title |
severity | <Query Severity=(attribute value for severity)> | |
references | <Query cweId=(attribute value for references)> | |
recommendations | <Result DeepLink=(attribute value for recommendations)> | We join all the items in the DeepLink element in the Result element |
description | Hard Coded w/ "This was identified via Checkmarx scanner, please view affected assets for more details." | |
tags | <Query categories=(attribute value for tags)> and <Query group=(attribute value for tags)> | Delimit categories into a list with the delimitier of ; and if the group attribute is present we append it to the categories to make all the tags |
source | Hard Coded "Checkmarx" | |
PlexTrac asset field | Checkmarx path | Notes |
|---|---|---|
asset | <Result name=(attribute to be used in asset name)> and Path> | Both the attribute name and element filename have to exist and match |
Last modified 1mo ago