Checkmarx One Jenkins Plugin

The Checkmarx One Jenkins plugin enables you to integrate the full functionality of the Checkmarx One platform into your Jenkins pipelines. You can use this plugin to trigger scans running Checkmarx SAST, Checkmarx SCA, IaC Security and API Security scanners as part of your CI/CD integration.

This plugin provides a wrapper around the Checkmarx One CLI Tool, which creates a zip archive from your source code repository and uploads it to Checkmarx One for scanning. This provides easy integration with Jenkins while enabling scan customization using the full functionality and flexibility of the CLI tool.

Note

The plugin code can be found here.

Main Features

  • Configure Jenkins pipelines to automatically trigger scans running Checkmarx SAST, Checkmarx SCA, IaC Security and API Security scanners

  • Supports integrating Checkmarx One build steps into FreeStyle or Pipeline projects

  • Supports use of CLI arguments to customize scan configuration, enabling you to:

    • Customize filters to specify which folders and files are scanned

    • Apply preset query configurations

    • Customize SCA scans using Checkmarx SCA Resolver

    • Set thresholds to break the build

  • Send requests via a proxy server

  • View scan results summary and trends in the Jenkins environment

  • Direct links from within Jenkins to detailed Checkmarx One scan results

  • Generate customized scan reports in various formats (JSON, HTML, PDF, etc.)

  • Generate SBOM reports (CycloneDX and SPDX)

  • Can be configured to automatically update to the latest CLI version

Prerequisites