MCP Security for Enterprise AI Workflows

Checkmarx MCP is a hosted server that connects Checkmarx One to any MCP-compatible AI tool. Developers, analysts, and automated agents can trigger scans, query findings, and act on results from their IDE, chat interface, or pipeline without logging into the platform.

Checkmarx MCP works with any MCP-compatible environment. This includes IDE assistants such as Claude Code and Windsurf, chat interfaces such as Claude.ai and ChatGPT, CLI tools, and automated CI/CD pipelines. A single connection covers all of them, with no per-tool configuration required.

Direct API integrations require significant engineering effort and are not designed for natural language or agent-based interaction. Checkmarx MCP provides a standardized, AI-native interface that enables immediate, plug-and-play access across all your environments without building or maintaining custom integrations.

Checkmarx MCP is part of the Checkmarx One and requires an active Checkmarx One tenant. It is not a replacement for existing products such as Checkmarx Developer Assist, but an integration layer that makes Checkmarx capabilities accessible across every AI tool your teams use.

Checkmarx MCP uses OAuth-based SSO authentication with automatic tenant resolution. Role-based access control and tenant isolation are enforced at the MCP layer, ensuring that every AI interaction respects your existing permissions and compliance policies. No manual token handling is required.

For the first time, developers can get scan results and remediation guidance without leaving their IDE, AppSec analysts can query org-wide risk in plain language without opening the platform, and pipeline agents can run end-to-end security workflows with no human in the loop. All through one connection.