diff --git a/cmd/checkmarxOneExecuteScan.go b/cmd/checkmarxOneExecuteScan.go
index af790a348..24731bc67 100644
--- a/cmd/checkmarxOneExecuteScan.go
+++ b/cmd/checkmarxOneExecuteScan.go
@@ -419,6 +419,9 @@ func (c *checkmarxOneExecuteScanHelper) CreateScanRequest(incremental bool, uplo
 }
 branch := c.config.Branch
+ if len(branch) == 0 && len(c.config.GitBranch) > 0 {
+ branch = c.config.GitBranch
+ }
 if len(c.config.PullRequestName) > 0 {
 branch = fmt.Sprintf("%v-%v", c.config.PullRequestName, c.config.Branch)
 }
diff --git a/cmd/checkmarxOneExecuteScan_generated.go b/cmd/checkmarxOneExecuteScan_generated.go
index 464f1027d..06d8d653f 100644
--- a/cmd/checkmarxOneExecuteScan_generated.go
+++ b/cmd/checkmarxOneExecuteScan_generated.go
@@ -32,6 +32,7 @@ type checkmarxOneExecuteScanOptions struct {
 GithubToken string `json:"githubToken,omitempty"`
 Incremental bool `json:"incremental,omitempty"`
 Owner string `json:"owner,omitempty"`
+ GitBranch string `json:"gitBranch,omitempty"`
 ClientSecret string `json:"clientSecret,omitempty"`
 APIKey string `json:"APIKey,omitempty"`
 Preset string `json:"preset,omitempty"`
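Review bot: The pull-request branch name on the trailing context line still reads `c.config.Branch` instead of the `branch` variable the new fallback just populated, so when `branch` is unset and `gitBranch` supplies the value, a PR scan ends up named `<pullRequestName>-` with an empty suffix; use `branch = fmt.Sprintf("%v-%v", c.config.PullRequestName, branch)`. The fallback is one-way (`gitBranch` is consulted only when `branch` is empty), which is worth stating above the new `if`, e.g. `// fall back to the pipeline-reported branch when no branch is configured explicitly` — the source of that value is only visible in the generated metadata, so confirm the wording against it. CreateScanRequest's body begins and continues outside the hunk.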
@@ -356,6 +357,7 @@ func addCheckmarxOneExecuteScanFlags(cmd *cobra.Command, stepConfig *checkmarxOn
 cmd.Flags().StringVar(&stepConfig.GithubToken, "githubToken", os.Getenv("PIPER_githubToken"), "GitHub personal access token as per https://help.github.com/en/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line")
 cmd.Flags().BoolVar(&stepConfig.Incremental, "incremental", true, "Whether incremental scans are to be applied which optimizes the scan time but might reduce detection capabilities. Therefore full scans are still required from time to time and should be scheduled via `fullScansScheduled` and `fullScanCycle`")
 cmd.Flags().StringVar(&stepConfig.Owner, "owner", os.Getenv("PIPER_owner"), "Set the GitHub organization.")
+ cmd.Flags().StringVar(&stepConfig.GitBranch, "gitBranch", os.Getenv("PIPER_gitBranch"), "Set the GitHub repository branch.")
 cmd.Flags().StringVar(&stepConfig.ClientSecret, "clientSecret", os.Getenv("PIPER_clientSecret"), "The clientSecret to authenticate using a service account")
 cmd.Flags().StringVar(&stepConfig.APIKey, "APIKey", os.Getenv("PIPER_APIKey"), "The APIKey to authenticate")
 cmd.Flags().StringVar(&stepConfig.Preset, "preset", os.Getenv("PIPER_preset"), "The preset to use for scanning, if not set explicitly the step will attempt to look up the project's setting based on the availability of `checkmarxOneCredentialsId`")
@@ -521,6 +523,20 @@ func checkmarxOneExecuteScanMetadata() config.StepData {
 Aliases: []config.Alias{{Name: "githubOrg"}},
 Default: os.Getenv("PIPER_owner"),
 },
+ {
+ Name: "gitBranch",
+ ResourceRef: []config.ResourceReference{
+ {
+ Name: "commonPipelineEnvironment",
+ Param: "github/branch",
+ },
+ },
+ Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"},
+ Type: "string",
+ Mandatory: false,
+ Aliases: []config.Alias{},
+ Default: os.Getenv("PIPER_gitBranch"),
+ },
 {
 Name: "clientSecret",
 ResourceRef: []config.ResourceReference{
diff --git a/pkg/checkmarxone/cxjson_to_sarif.go b/pkg/checkmarxone/cxjson_to_sarif.go
index 27d8e0cec..c0fe1114e 100644
--- a/pkg/checkmarxone/cxjson_to_sarif.go
+++ b/pkg/checkmarxone/cxjson_to_sarif.go
@@ -20,6 +20,7 @@ func ConvertCxJSONToSarif(sys System, serverURL string, scanResults *[]ScanResul
 sarif.Version = "2.1.0"
 var checkmarxRun format.Runs
 checkmarxRun.ColumnKind = "utf16CodeUnits"
+ checkmarxRun.Results = make([]format.Results, 0)
 sarif.Runs = append(sarif.Runs, checkmarxRun)
 rulesArray := []format.SarifRule{}
@@ -226,7 +227,17 @@ func ConvertCxJSONToSarif(sys System, serverURL string, scanResults *[]ScanResul
 if r.VulnerabilityDetails.CweId != 0 {
 rule.Properties.Tags = append(rule.Properties.Tags, fmt.Sprintf("external/cwe/cwe-%d", r.VulnerabilityDetails.CweId))
 }
- rulesArray = append(rulesArray, rule)
+
+ match := false
+ for _, r := range rulesArray {
+ if r.ID == rule.ID {
+ match = true
+ break
+ }
+ }
+ if !match {
+ rulesArray = append(rulesArray, rule)
+ }
 }
 // Handle driver object
@@ -237,7 +248,7 @@ func ConvertCxJSONToSarif(sys System, serverURL string, scanResults *[]ScanResul
 // TODO: a way to fetch/store the version
 tool.Driver.Version = "1" //strings.Split(cxxml.CheckmarxVersion, "V ")
- tool.Driver.InformationUri = "https://checkmarx.com/resource/documents/en/34965-68571-viewing-results.html"
+ tool.Driver.InformationUri = "https://checkmarx.com/resource/documents/en/34965-165898-results-details-per-scanner.html"
 tool.Driver.Rules = rulesArray
 sarif.Runs[0].Tool = tool
diff --git a/resources/metadata/checkmarxOneExecuteScan.yaml b/resources/metadata/checkmarxOneExecuteScan.yaml
index a6f64ed78..0807f7ff2 100644
--- a/resources/metadata/checkmarxOneExecuteScan.yaml
+++ b/resources/metadata/checkmarxOneExecuteScan.yaml
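Review bot: The dedup loop added in place of the removed `rulesArray = append(rulesArray, rule)` line re-declares `r` as its loop variable, shadowing the outer result `r` that the context lines above still use for `r.VulnerabilityDetails.CweId`, and it rescans the whole `rulesArray` for every result, which is quadratic in the number of findings. A set keyed by the ID the loop already compares with `==` avoids both: declare a set such as `seenRules := map[string]struct{}{}` next to `rulesArray` (in this file's first hunk; adjust the key type if `ID` is not a string) and replace the loop with `if _, dup := seenRules[rule.ID]; !dup { seenRules[rule.ID] = struct{}{}; rulesArray = append(rulesArray, rule) }`. Since only the first rule per ID is kept, later results with the same ID but different tags no longer contribute, which deserves a comment like `// keep one SARIF rule per ID; later results with the same ID are dropped`. The enclosing result loop starts outside the hunk.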
@@ -127,6 +127,17 @@ spec:
 - STAGES
 - STEPS
 type: string
+ - name: gitBranch
+ description: "Set the GitHub repository branch."
+ resourceRef:
+ - name: commonPipelineEnvironment
+ param: github/branch
+ scope:
+ - GENERAL
+ - PARAMETERS
+ - STAGES
+ - STEPS
+ type: string
 - name: clientSecret
 type: string
 description: The clientSecret to authenticate using a service account
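Review bot: The new `description:` line for `gitBranch` only says "Set the GitHub repository branch." and does not tell users how it relates to the existing `branch` parameter, even though cmd/checkmarxOneExecuteScan.go in this commit consults it only when `branch` is empty, nor that the `resourceRef` fills it from `commonPipelineEnvironment` `github/branch` by default. Suggest `description: "Branch of the scanned repository, taken from commonPipelineEnvironment (github/branch) by default; used only when branch is not set explicitly."`. The flag help in cmd/checkmarxOneExecuteScan_generated.go carries the same wording and is presumably regenerated from this file, so it picks the change up.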