Checkmarx FAQs

Question 1

Does this tool support integration into CI/CD pipelines?

Accepted Answer

Yes, the composable CLI scripts are specifically designed for seamless integration into automated CI/CD pipelines, allowing for repeatable security checks, automated reporting, and streamlined DevSecOps workflows.

Question 2

What is Checkmarx-mcp?

Accepted Answer

Checkmarx-mcp provides shell scripts and an MCP server to interact with the Checkmarx One REST API. It enables automated scan management, detailed reporting, and comprehensive vulnerability analysis for application security.

Question 3

What types of security reports can Checkmarx-mcp generate?

Accepted Answer

The tool can generate comprehensive project inventories, last scan status reports, aggregated vulnerability summaries by various criteria (severity, language, query type), and scan comparisons to identify new, fixed, or recurrent findings.

Question 4

What is the benefit of using Claude with Checkmarx-mcp?

Accepted Answer

Integrating with Claude via the MCP server allows you to query your Checkmarx One data using natural language. This simplifies getting answers about your security posture and scan results without needing to write complex scripts.

Question 5

How can I interact with the Checkmarx One API using this tool?

Accepted Answer

You have two primary interfaces: composable CLI scripts for automated reporting and pipeline integrations, or an MCP server that allows natural language interaction with Claude for security insights.

Checkmarx

Checkmarx

主な機能

ユースケース

主な機能

ユースケース