CheckMarx
PlexTrac supports file imports from CheckMarx in an xml format. Below are the mappings of fields.
PlexTrac finding field
CheckMarx path
Notes
title
<Query Name=(attribute value for title)>
The Name attribute in the Query element has _ in the name, we replace the _ with " " to create the title
severity
<Query Severity=(attribute value for severity)>
references
<Query cweId=(attribute value for references)>
recommendations
<Result DeepLink=(attribute value for recommendations)>
We join all the items in the DeepLink element in the Result element
description
Hard Coded w/ "This was identified via Checkmarx scanner, please view affected assets for more details."
evidence
status
tags
<Query categories=(attribute value for tags)> and <Query group=(attribute value for tags)>
Delimit categories into a list with the delimitier of ; and if the group attribute is present we append it to the categories to make all the tags
source
Hard Coded "Checkmarx"
PlexTrac Asset field
CheckMarx path
Notes
asset
<Result name=(attribute to be used in asset name)> and Path>
Both the attribute name and element filename have to exist and match
Click Next below to see more mappings.
Copy link