Transport False-Positive comments to Checkmarx report I want to find the best way to address false positives in the Checkmarx report One of the points I am investigating is how to make the Checkmarx report to display the false positive comment that has
security - How Checkmarx works - Salesforce Stack Exchange Can someone please advise how Checkmarx Force com Security Source Scanner will be performing code review Is code review happening within Salesforce servers or code get ported to Checkmarx server How
CheckMarx FLS Create Update Vulnerability in Salesforce Apex Code As such this is a Checkmarx false positive and must be addressed by explaining the scenario in your submission documentation This answer covers how you can also best to comment the relevant code to help the Salesforce Security Team navigate the report from Checkmarx
Why Is Checkmarx Taking So Long To Complete? [closed] Recently submitted an app to the Force com source code scanner by CheckMarx, after 5 days still there is no sign of scanning report It will be helpful if that tool tells some approx waiting period