#Overview
Checkmarx SAST 9.x is a powerful single unified security solution for Static Source Code Analysis (CxSAST) and Software Composition Analysis (CxSCA) designed for identifying, tracking and fixing technical and logical security flaws.
Checkmarx SAST 9.x is integrated seamlessly into the Microsoft’s Software Development Life Cycle (SDLC), enabling the early detection and mitigation of crucial security flaws.
#Checkmarx SAST 9.x provides the following key benefits:
- Scan source code Integrates smoothly within the SDLC to provide detailed near real- time feedback on code security state
- Best fix location Highlights the best place to fix your code
- Quick and accurate scanning Reduce false positives, adapt the rule set to minimize false positives, and understand the root cause for results
- Incremental scanning Just test the parts of the code that have been changed since last code check-in to reduce scanning time by more than 80%. Enables incorporation of the security gate within your continuous integration pipeline
- Seamless integration Works with all IDEs, build management servers, bug tracking tools and source repositories
- Protect Your Full Code Portfolio (Open Source and In-house Source Code) Analyzing open source libraries, making sure licenses are being honored and weeding out any open source components which expose the application to known vulnerabilities, Checkmarx SAST 9.x Open Source solution provides complete code portfolio coverage under a single unified solution and with no extra installations or administration required.
- Easy to initiate Open Source Analysis Enhancing your code portfolio risk assessment coverage is merely a few mouse clicks away. With Checkmarx SAST 9.x’s Open Source Analysis, there is no need for additional installations or multiple management interfaces. Simply turn it on and within minutes a detailed report is generated with clear results and detailed mitigation instructions. Analysis results are designed with the developer in mind. No time is wasted on trying to understand the required actions items to mitigate the detected security or compliance risk.
To learn more about the Azure Devops extension features and capabilities, please refer to Checkmarx SAST 9.x ADO Extension Page