Compatible Integrations
- Requires set up of a Symbolic Artifact Integration and Target(s) of that type before Policy creation.
- Note that your Checkmarx Scenario will only appear in your Policy Options if you have selected a Target whose Integration is of type Symbolic Artifact.
Create Policy
Suggested reading: Create a Policy
- Navigate to znOPS > Policies.
- Click on the +Add Policy button on the bottom right of the screen.
Policy Set Up
- Enter the Name and Description (see our Policy Name Recommendations).
- Select the previously created Symbolic Artifact Integration and Target.
- Select the “Checkmarx” Scenario that was previously activated (see Checkmarx - Activate Scenario).
- Depending on your use case, follow either the steps for Orchestrated Scans or Data Loads.
Policy Options
Suggested reading: Checkmarx - ZN’s Supported Execution Modes & Supported Versions of Tool
Orchestrated Scans
In general, the “Orchestrated Scans” option results in ZeroNorth creating a configured item in the security tool instance and then extracting results from the security tool.
- By default, the “Policy Type” in the “Scenario” section of the Policy set up is set to “Orchestrated Scan”. If it is not, select “Orchestrated Scan” for “Policy Type” in that section.
- In the “Checkmarx Applications Parameters” section, set Application Lookup Strategy to “Non-use default”.
- If your Checkmarx server requires specifying a Team Name, select “Scan new project” as Application Lookup Strategy and enter both Project Name and Team Name. The Team Name must use forward slashes (“/”). For example, for a team name shown in the Checkmarx server as “CxServer\SP\MyTeam”, enter “CxServer/SP/MyTeam”. The specified project name must not already exist in the Checkmarx server.
Additionally
Once the policy has been created, to scan the build artifact, refer to the following related articles: