1- Configuration of plugin VSTudio
Prerequisite:
-Your visual studio MUST be up to date with the last release version in order to launch correctly the VSplugin
-Version Express on Visual Studio is not supported (Community is ok)
-Flow network matrix to check:
|
Source |
IP |
Destination |
IP |
Protocole/Port |
|
Workstations |
<Workstations IP > |
Checkmarx server |
<Server Checkmarx IP> |
http/80 (si pas https) |
Plugin installation :
Plugin can be downloaded by using the folowing link :
CxSAST Visual Studio Plugin
The CxSAST Visual Studio plugin is installed in the Visual Studio development environment, and enables:
- Uploading a Visual Studio project's code to CxSAST directly from Visual Studio.
- An interactive interface for viewing scan results in the Visual Studio environment. This interface has several advantages over the regular CxSAST web interface:
- You can make changes to the code as you view the vulnerabilities, in the locations indicated by the scan results, without needing to switch between applications.
- The plugin displays full paths with their intersections, rather than just the first and last elements of each vulnerability instance.
- The plugin highlights the elements where fixes can be most efficiently applied.
Steps to follow