Skip to main content

Checkmarx Realtime Scanning for VS Code

Checkmarx continues to spearhead the shift-left approach to AppSec by bringing our powerful AppSec tools into your IDE. This empowers developers to identify vulnerabilities and remediate them as they code. The Checkmarx Visual Studio Code plugin includes free tools for identifying vulnerabilities and showing results directly in your IDE while you code.

  • KICS Realtime Scanning - identifies vulnerabilities in your IaC files.

  • SCA Realtime Scanning - identifies vulnerabilities in your open source dependencies.


These tools are part of the Checkmarx extension, which enables integration of Checkmarx One with VS Code. However, these are independent tools which can be used without having a Checkmarx account and without any need for Checkmarx authentication.