Checkmarx CxSAST

Basic Information
Version release date
2019-03-17
Software cost
Paid
Software license
Proprietary
Hosting
Self-Hosted
Process Integration
Deployment model
CI Server, Standalone Server
Analysis inputs
Source code
Display results in IDE
Eclipse, IntelliJ IDEA, Visual Studio
CI Integration
Ant, Bamboo, Jenkins, Maven
Can schedule scans
API method to report results in XML/JSON/CSV format
Coverage
Claimed CWE coverage notes
The Checkmarx website lists CGI Reflected XSS, CGI Stored XSS, Code Injection, Command Injection, Connection String Injection, LDAP Injection, Process Control, Reflected XSS, Reflected XSS All Clients, Resource Injection, SOQL SOSL Injection, SQL injection, Second Order SQL Injection, Stored XSS, UTF7 XSS, XPath Injection, Access Control, Buffer Overflow, CGI Reflected XSS All Clients, CGI Stored XSS, CGI XSS, Cookies Scoping, Cross Site History Manipulation, DB Parameter Tampering, Dangerous Functions, Data Filter Injection, DoS by Sleep, Double Free, Environment Injection, Environment Manipulation, Files Manipulation, Frame Spoofing, Arithmetic Operation On Boolean, Blind SQL Injections, Client Side Only Validation, Cookie not Sent Over SSL, Dangerous File Upload, Dead Code, Deprecated And Obsolete, Deprecated CRT Functions VS2005, DoS by Unreleased Resources, Equals without GetHashCode, Escape False Warning, Files Canonicalization Problems, Hardcoded Absolute Path, Hardcoded Password, Password in Connection String, Impersonation Issue
Supported programming languages
ASP, C, C#, C++, Go, Groovy, HTML, Java, JavaScript, JSP, Kotlin, Objective-C, Perl, PHP, PL-SQL, Python, Ruby, Scala, Swift, TypeScript, VB.NET, VBScript, Visual Basic
Supported development frameworks
Node.js, Visualforce
Claimed Weakness Coverage
Checker Customization
Can disable checkers
Results Quality
Provides explanation of warning
Provides severity of warning
Provides code context around warning
Reporting
Reporting information hasn't been collected yet for this analyzer.
Support
Installation guide or documentation
User/operator guide or documentation
Integration guide or API documentation