Checkmarx VisualStudio plugin installation process.

Posted Chuck Lu

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Checkmarx VisualStudio plugin installation process.相关的知识,希望对你有一定的参考价值。

 

 

1-      Configuration of plugin VSTudio

Prerequisite:

-Your visual studio MUST be up to date with the last release version in order to launch correctly the VSplugin

-Version Express on Visual Studio is not supported (Community is ok)

-Flow network matrix to check:

Source

IP

Destination

IP

Protocole/Port

Workstations

<Workstations IP >

Checkmarx server

<Server Checkmarx IP>

http/80 (si pas https)
https/443 (préféré)

 

Plugin installation :

Plugin can be downloaded by using the folowing link :

CxSAST Visual Studio Plugin

 

The CxSAST Visual Studio plugin is installed in the Visual Studio development environment, and enables:

  • Uploading a Visual Studio project‘s code to CxSAST directly from Visual Studio.
  • An interactive interface for viewing scan results in the Visual Studio environment. This interface has several advantages over the regular CxSAST web interface:
  • You can make changes to the code as you view the vulnerabilities, in the locations indicated by the scan results, without needing to switch between applications.
  • The plugin displays full paths with their intersections, rather than just the first and last elements of each vulnerability instance.
  • The plugin highlights the elements where fixes can be most efficiently applied.

Steps to follow

以上是关于Checkmarx VisualStudio plugin installation process.的主要内容,如果未能解决你的问题,请参考以下文章

Checkmarx 反射型 XSS

checkmarx下载地址

第38篇:Checkmarx代码审计/代码检测工具的使用教程

checkmarx使用笔记

CORS 和 CSRF 处理 checkMarx XSRF 攻击问题(spring boot 微服务)

Spring data JPA Checkmarx 漏洞-@Query 注解的资源访问授权不当