Integrate Checkmarx SCA with Vulnetix. Use the Checkmarx One CLI (cx) to scan dependencies and export results as SARIF or CycloneDX for upload to Vulnetix.
SaaS platformSARIFCycloneDXSPDXJSON
Run Checkmarx CxSCA in CI
Scan on every push and upload the results to Vulnetix:
- name: Checkmarx One SCA Scan
uses: checkmarx-ts/checkmarx-one-github-action@v1
with:
base-uri: ${{ secrets.CX_BASE_URI }}
client-id: ${{ secrets.CX_CLIENT_ID }}
client-secret: ${{ secrets.CX_CLIENT_SECRET }}
scan-types: 'sca'
output-format: 'sarif'
- name: Upload SARIF to Vulnetix
run: vulnetix upload --file results/cx_result.sarif
Centralise Checkmarx CxSCA results in Vulnetix
Upload Checkmarx CxSCA SARIF, CycloneDX, SPDX, JSON output to the Vulnetix platform to deduplicate findings, prioritise them with EPSS, CISA KEV and Coalition ESS exploit intelligence, and track remediation across every scanner in a single queue.