Skip to main content

Integrating with SCMs

Checkmarx One supports integration with most of the popular SCM platforms.

You can import a project from your SCM directly to the platform, enabling automated scanning of your source code whenever the project is updated.

Checkmarx One listens for commit events and uses a webhook to trigger Checkmarx scans when a push or a pull request occurs, and once a scan is complete, you can view the results on the platform.

In addition, to pull requests, a comment is created in the SCM, which includes a scan summary, a list of vulnerabilities, and a link to view the scan results in Checkmarx One.


This integration supports both public and private repositories.

You can create multiple integrations in a bulk action by selecting several repositories.

Your integration is project-based, and a specific Checkmarx One project corresponds to a specified repository.

The demo below shows an example of how the platform integrates with your SCMs.

If you click on the icons below, we will redirect you to the articles for more details and instructions to configure each SCM with Checkmarx One.