Tech Partners Integrations
Build Your AppSec Program on Checkmarx One
Your enterprise deserves a comprehensive AppSec platform. We’re building the extensible AppSec platform of the future. You can now extend our industry-leading platform with a wide range of partner capabilities, including: unified posture management, SDLC tools, cloud and runtime and emerging technologies.
Market & Technology Leadership
provide large-scale organizations with forward-thinking solutions.
customers
organizations
scanned monthly
Why Partners Choose Checkmarx
Lorem ipsum dolor sit amet consectetur. Lectus imperdiet adipiscing est dictumst magna integer. Diam sapien urna varius enim dictumst egestas potenti.
Daniel Sampler AppSec manager
AppSec manager
Why Partners Choose Checkmarx
Bryan Smoltz
VP of Technology Alliances
The top application security vendors have a responsibility to team up to provide more robust and complete solutions for the world’s enterprises.
By delivering Sysdig runtime insights within Checkmarx One, customers have clear visibility into the workloads that are running in production so they can make better informed security decisions. Together, we are helping to bring maximum protection at cloud speed.
Drive Better
Security Outcomes
AppSec risk is business risk. Reducing risk requires integrating and automating security within your development pipeline, shifting everywhere to identify risk throughout your SDLC, and managing AppSec risk across your entire application footprint.
Checkmarx partners with all the leading SDLC tools, other security vendors, and vulnerability management companies to make it easier to manage and reduce risk, achieve your AppSec program goals, and drive business faster.
Featured Partners
Partners at every stage to optimize workflows, increase visibility, and help enterprises reduce their risk.
AWS
Checkmarx is available in the AWS Marketplace and we integrate with many AWS services. We also offer an AWS CDK plugin
JetBrains
Embed security where your developers live with our Jetbrains plugins offering SCA and SAST scans directly from the IDE
Sysdig
Our Sysdig integration provides a unified view of application vulnerabilities for security, development, and cloud teams
ServiceNow
Our ServiceNow integration provides SAST and SCA results into the ServiceNow Vulnerability Response dashboards
ArmorCode
ArmorCode unifies the siloed world of security testing and helps teams understand & improve the state of their product risk
WIZ
Checkmarx integrates with Wiz to provide code to cloud security as part of the Checkmarx Cloud Native Application Security product.
Brinqa
The Brinqa integration correlates context, prioritizes risk, streamlines remediation and reports security posture
Copado
Our Copado plugin includes SAST scan success enforcement in CI/CD pipelines within their DevOps Platform for Salesforce
GitLab
Checkmarx SAST and SCA are integrated into GitLab’s CI/CD pipeline, allowing users to secure custom and open source code
Seemplicity
Accelerate Cross Domain Remediation, Eliminate Busywork and Be Loved by Fixing Teams with the Seemplicity integration
Panoptica
Panoptica is Outshift by Cisco’s CNAPP that uncovers & remediates vulnerabilities during development through production
Mobb
Automatic vulnerability fixes using Mobb which secures applications using deterministic algorithms and advanced AI
Kondukto
Kondukto improves your organisation’s security posture by integrating all your security data into one crystal clear view
Security Compass
Discover actionable insights & automate workflows to increase AppSec team productivity with Security Compass integration
Hackuity
Automate remediation specific to your attack surface with the Checkmarx integration with the Hackuity single pane view
Silk Security
Take a strategic approach to resolving code, infrastructure and application risk with the Silk Security integration
NopSec
NopSec, the cyber threat exposure management platform that tames the chaos and reduces risk within remediation processes
Harness
Harness provides a secure way for engineering & DevOps teams to release applications in a simple, safe, and secure way.
Vulcan
Vulcan Cyber orchestrates & tracks the vulnerability remediation lifecycle from scan to fix by aggregating risk & asset data.
Solvo
Solvo automates the discovery, prioritization, and resolution of cloud infrastructure configuration and access risks.
AppSoc
AppSOC delivers a risk-based application security posture management and unified vulnerability management platform.
Prompt Security
Deploy on your browser, IDE or GenAI apps and get protection from Shadow AI, Prompt Injection and other GenAI risks.
Opus Security
Opus Security orchestrates remediation processes, consolidating all security issues across posture and vulnerability tools.
Boost Security
Comprehensive Application Security Posture Management and DevSecOps Automation platform.
Flexagon
Flexagon provides an integrated DevOps platform for CI/CD and Release Orchestration.
CloudBees
CloudBees enables organizations to deliver scalable, compliant, governed, and secure software from code to customer.
Dazz
Dazz remediates and reduces risk exposure across code, cloud, applications, and infrastructure resources.
FireFly
Firefly manages cloud assets, aiding teams in tracking drift detection and inventory across multi-cloud and Kubernetes.
JupiterOne
JupiterOne automates cyber analysis, spots vulnerabilities, and streamlines security for full protection.
Hyperproof
Hyperproof security compliance software streamlines risk management, empowering teams to handle compliance effectively.
Digital.ai
Digital.ai enhances software quality & security, drives innovation, and increases value with smart lifecycle insights.
AWS
Checkmarx is available in the AWS Marketplace and we integrate with many AWS services. We also offer an AWS CDK plugin
JetBrains
Embed security where your developers live with our Jetbrains plugins offering SCA and SAST scans directly from the IDE
Copado
Our Copado plugin includes SAST scan success enforcement in CI/CD pipelines within their DevOps Platform for Salesforce
ServiceNow
Our ServiceNow integration provides SAST and SCA results into the ServiceNow Vulnerability Response dashboards
Harness
Harness provides a secure way for engineering & DevOps teams to release applications in a simple, safe, and secure way.
Security Compass
Discover actionable insights & automate workflows to increase AppSec team productivity with Security Compass integration
GitLab
Checkmarx SAST and SCA are integrated into GitLab’s CI/CD pipeline, allowing users to secure custom and open source code
CloudBees
CloudBees enables organizations to deliver scalable, compliant, governed, and secure software from code to customer.
Mobb
Automatic vulnerability fixes using Mobb which secures applications using deterministic algorithms and advanced AI
Solvo
Solvo automates the discovery, prioritization, and resolution of cloud infrastructure configuration and access risks.
Flexagon
Flexagon provides an integrated DevOps platform for CI/CD and Release Orchestration.
Seemplicity
Accelerate Cross Domain Remediation, Eliminate Busywork and Be Loved by Fixing Teams with the Seemplicity integration
Hyperproof
Hyperproof security compliance software streamlines risk management, empowering teams to handle compliance effectively.
Digital.ai
Digital.ai enhances software quality & security, drives innovation, and increases value with smart lifecycle insights.
WIZ
Checkmarx integrates with Wiz to provide code to cloud security as part of the Checkmarx Cloud Native Application Security product.
AWS
Checkmarx is available in the AWS Marketplace and we integrate with many AWS services. We also offer an AWS CDK plugin
Sysdig
Our Sysdig integration provides a unified view of application vulnerabilities for security, development, and cloud teams
Panoptica
Panoptica is Outshift by Cisco’s CNAPP that uncovers & remediates vulnerabilities during development through production
FireFly
Firefly manages cloud assets, aiding teams in tracking drift detection and inventory across multi-cloud and Kubernetes.
JupiterOne
JupiterOne automates cyber analysis, spots vulnerabilities, and streamlines security for full protection.
ServiceNow
Our ServiceNow integration provides SAST and SCA results into the ServiceNow Vulnerability Response dashboards
ArmorCode
ArmorCode unifies the siloed world of security testing and helps teams understand & improve the state of their product risk
Brinqa
The Brinqa integration correlates context, prioritizes risk, streamlines remediation and reports security posture
Kondukto
Kondukto improves your organisation’s security posture by integrating all your security data into one crystal clear view
Hackuity
Automate remediation specific to your attack surface with the Checkmarx integration with the Hackuity single pane view
Vulcan
Vulcan Cyber orchestrates & tracks the vulnerability remediation lifecycle from scan to fix by aggregating risk & asset data.
Silk Security
Take a strategic approach to resolving code, infrastructure and application risk with the Silk Security integration
NopSec
NopSec, the cyber threat exposure management platform that tames the chaos and reduces risk within remediation processes
Seemplicity
Accelerate Cross Domain Remediation, Eliminate Busywork and Be Loved by Fixing Teams with the Seemplicity integration
AppSoc
AppSOC delivers a risk-based application security posture management and unified vulnerability management platform.
Opus Security
Opus Security orchestrates remediation processes, consolidating all security issues across posture and vulnerability tools.
Boost Security
Comprehensive Application Security Posture Management and DevSecOps Automation platform.
Dazz
Dazz remediates and reduces risk exposure across code, cloud, applications, and infrastructure resources.
Mobb
Automatic vulnerability fixes using Mobb which secures applications using deterministic algorithms and advanced AI
Prompt Security
Deploy on your browser, IDE or GenAI apps and get protection from Shadow AI, Prompt Injection and other GenAI risks.
Join the Checkmarx Tech Partner Program to integrate with the Checkmarx One Application Security Platform, and let's help our clients shift everywhere, together.
Become a Partner
Checkmarx Integrations
CI/CD
Our CI/CD integrations provide customizable and seamless Appsec solutions on-prem or in the cloud. DevOps can automate scans as steps in your development pipelines. Orchestration pulls reports directly in your CI/CD UI. Customizable queries and presets address specific needs, and it’s easy to tune and configure the integrations and UI plugins for any environment.
Learn more
Appveyor
AWS CodeBuild
AWS CodePipeline
Azure DevOps Pipelines
Azure DevOps
Bamboo
Bitrise CI
Buddy
Circle CI
CloudBees
Drone CI
GitHub Actions
Gitlab CI
Jenkins
Maven
NevercodeCI
Sonarqube
TeamCity
TravisCI
Wercker
IDE
With an interactive UI plugin for Checkmarx SAST, devs can review and fix code vulnerabilities in their preferred IDE's. Devs can go to the Best Fix Location straight from scan results, and then click through to Checkmarx Codebashing to learn how to fix the code. After it’s fixed, they can kick off private scans to verify their code is secure before merging it.
Learn more
Eclipse
Intellij
Visual Studio Code
Visual Studio
SCM
To fix code vulnerabilities fast, developers need security scans in their SCM solution. Ensure and adopt a working pipeline , by enabling developers to control Checkmarx scans in their native SCM CI/CD pipeline. Checkmarx Codebashing links to the security findings in the SCM. Security teams can also block specific pull request results based on severity or vulnerability category.
Learn more
BitBucket
Git
GitHub
GitLab
Perforce
Feedback & Ticketing
You want all bug tickets in one place, and you want fixed bugs to be automatically closed. Our ticketing tool integrations offer an automated feedback loop that opens, updates, and closes tickets. You can automatically create tickets filtered by severity as we as easily gather data to help managers track the efficacy of your AppSec program.
Learn more
Azure DevOps
GitHub
GitLab Issue Board
GitLab Security Dashboard
Jira
Runtime
Eliminate noise and prioritize the most critical vulnerabilities using runtime context integrations. These integrations offer a seamless connection between your application's real-time operations and security analysis, ensuring continuous monitoring for vulnerabilities even as your codebase evolves. Prioritize remediation by knowing what is, and isn't, used in production.
AWS
Azure
Google Cloud Platfrom
Panoptica
Vulnerability Management
Unify and correlate findings from multiple tools into a single view, so you can see a comprehensive visualization of your security posture. By centralizing vulnerability data, teams can prioritize, track, and address issues more efficiently. With a proactive approach, teams can mitigate risks, ensuring robust application security from inception to deployment.
AutoRabit
Brinqa
CodeDx
Digital.ai
Konducto
Security Compass
Security Innovation
ThreadFix
Vulcan Cyber
ZeroNorth
Don’t see your desired integration here? No problem. Integrate using our CLIs.
Related Assets You Don’t Want to Miss
Twitch show recording
Watch our AWS Security Live! Twitch show on securing GenAI
Checkmarx on AWS Security Live!; how we supercharge developer experience & address the generative AI security gap.
Webinar on demand
Track your KPIs and develop a plan for vulnerability management
Brinqa & Checkmarx can correlate & prioritize risk, streamline remediation & report on your security posture.
Webinar on demand
Emerging trends for Financial Services with Amazon Web Serivces
Discover 3 trends impacting Application Security in Financial Services with AWS and how you can address them.
Let’s Make Shift Happen
The Checkmarx Tech Partner Program offers integration support, as well as marketing and sales opportunities.
Join the Checkmarx Tech Partner Program to integrate with the Checkmarx One™ Application Security Platform, and let’s help our clients shift everywhere, together.