Glossary

Engine

A Checkmarx engine is where the magic happens (it’s also where a large part of our secret sauce resides).
An engine could refer to any of the following products:

  • CxSAST – A CxSAST engine is the part of the system that is running CxQueries on the source code the customer wishes to scan.
    Using each query the engines attempts to find different types of security vulnerabilities which are called results.
  • SCA/OSA

IaC (KICS) – is a standalone engine which scans and finds misconfigurations and potential vulnerabilities in infrastructure code. See kics.io for more information