https://github.com/checkmarx/ast-eclipse-plugin
The CxAST Eclipse plugin enables you to import results from a CxAST scan directly into your IDE. You can view the vulnerabilities that were identified in your source code and navigate directly to the vulnerable code in the editor.
https://github.com/checkmarx/ast-eclipse-plugin
checkmarx checkmarx-ast eclipse-plugin security
Last synced: 24 days ago
JSON representation
The CxAST Eclipse plugin enables you to import results from a CxAST scan directly into your IDE. You can view the vulnerabilities that were identified in your source code and navigate directly to the vulnerable code in the editor.
- Host: GitHub
- URL: https://github.com/checkmarx/ast-eclipse-plugin
- Owner: Checkmarx
- License: apache-2.0
- Created: 2021-08-31T15:44:17.000Z (over 4 years ago)
- Default Branch: main
- Last Pushed: 2026-03-04T14:46:18.000Z (about 2 months ago)
- Last Synced: 2026-03-04T20:42:30.875Z (about 2 months ago)
- Topics: checkmarx, checkmarx-ast, eclipse-plugin, security
- Language: Java
- Homepage: https://marketplace.eclipse.org/content/checkmarx-ast-plugin
- Size: 816 MB
- Stars: 4
- Watchers: 3
- Forks: 12
- Open Issues: 5
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: CODEOWNERS
Awesome Lists containing this project
README
[![Contributors][contributors-shield]][contributors-url]
[![Forks][forks-shield]][forks-url]
[![Stargazers][stars-shield]][stars-url]
[![Issues][issues-shield]][issues-url]
[![Install][install-shield]][install-url]
[![Apache License][license-shield]][license-url]
CHECKMARX ONE ECLIPSE PLUGIN
The Checkmarx One Eclipse plugin enables you to import results from a Checkmarx One scan directly into your IDE.
Explore the docs »
Marketplace »
Table of Contents
## Overview
Checkmarx continues to spearhead the shift-left approach to AppSec by bringing our powerful AppSec tools into your IDE. This empowers developers to identify vulnerabilities and remediate them **as they code**. The Checkmarx Eclipse plugin integrates seamlessly into your IDE, enabling you to access the full functionality of your Checkmarx One account (SAST, SCA, IaC Security) directly from your IDE.
You can run new scans, or import results from scans run in your Checkmarx One account. Checkmarx provides detailed info about each vulnerability, including remediation recommendations and examples of effective remediation. The plugin enables you to navigate from a vulnerability to the relevant source code, so that you can easily zero-in on the problematic code and start working on remediation.
### Main Features
* Access the full power of Checkmarx One (SAST, SCA, and IaC Security) directly from your IDE
* Run a new scan from your IDE even before committing the code, or import scan results from your Checkmarx One account
* Provides actionable results including remediation recommendations. Navigate from results panel directly to the highlighted vulnerable code in the editor and get right down to work on the remediation.
* Group and filter results
* Triage results (by adjusting the severity and state and adding comments) directly from the Visual Studio console
* Links to Codebashing lessons
## Getting Started
### Prerequisites
- An eclipse installation, version 2019-03 (4.11) or above.
> Supported platforms: Windows, Mac, Linux/GTK
- You have an **API key** for your Checkmarx One account. To create an
API key, see [Generating an API Key](https://checkmarx.com/resource/documents/en/34965-68618-generating-an-api-key.html)
> In order to use this integration for running an end-to-end flow of
scanning a project and viewing results, the API Key must have at a
minimum the out-of-the-box composite role `ast-scanner` as well as
the IAM role `default-roles`.
### Setting Up
1. Verify that all prerequisites are in place.
2. Install the **Checkmarx One** plugin and configure the settings as described [here](https://checkmarx.com/resource/documents/en/34965-68729-installing-and-setting-up-the-checkmarx-one-eclipse-plugin.html).
## Usage
To see how you can use our tool, please refer to the [Documentation](https://checkmarx.com/resource/documents/en/34965-68728-checkmarx-one-eclipse-plugin.html)
## How To Videos
- **Installing and Setting up the Plugin**
- **Running a Scan from the IDE**
- **Loading and Viewing Scan Results**
[](https://checkmarx.com/resource/documents/en/image/164fe2f6237dfa.gif "Loading and Viewing Scan Results")
## Contribution
We appreciate feedback and contribution to the ECLIPSE PLUGIN! Before you get started, please see the following:
- [Checkmarx contribution guidelines](docs/contributing.md)
- [Checkmarx Code of Conduct](docs/code_of_conduct.md)
## License
Distributed under the [Apache 2.0](LICENSE). See `LICENSE` for more information.
## Contact
Checkmarx - Integrations Team
Project Link: [https://github.com/Checkmarx/ast-eclipse-plugin](https://github.com/Checkmarx/ast-eclipse-plugin)
Find more integrations from our team [here](https://github.com/Checkmarx/ci-cd-integrations#checkmarx-ast-integrations)
© 2022 Checkmarx Ltd. All Rights Reserved.
[contributors-shield]: https://img.shields.io/github/contributors/Checkmarx/ast-eclipse-plugin.svg
[contributors-url]: https://github.com/Checkmarx/ast-eclipse-plugin/graphs/contributors
[forks-shield]: https://img.shields.io/github/forks/Checkmarx/ast-eclipse-plugin.svg
[forks-url]: https://github.com/Checkmarx/ast-eclipse-plugin/network/members
[stars-shield]: https://img.shields.io/github/stars/Checkmarx/ast-eclipse-plugin.svg
[stars-url]: https://github.com/Checkmarx/ast-eclipse-plugin/stargazers
[issues-shield]: https://img.shields.io/github/issues/Checkmarx/ast-eclipse-plugin.svg
[issues-url]: https://github.com/Checkmarx/ast-eclipse-plugin/issues
[license-shield]: https://img.shields.io/github/license/Checkmarx/ast-eclipse-plugin.svg
[license-url]: https://github.com/Checkmarx/ast-eclipse-plugin/blob/main/LICENSE
[install-shield]: https://img.shields.io/eclipse-marketplace/dt/checkmarx-ast-plugin
[install-url]: https://marketplace.eclipse.org/content/checkmarx-ast-plugin