2,500+ MCP servers ready to use
Vinkius
MCP VERIFIED · PRODUCTION READY · VINKIUS GUARANTEED
Checkmarx

Checkmarx MCP Server

checkmarx.com
Built by Vinkius GDPR ToolsFree for Subscribers

Automate AppSec via Checkmarx One — trigger core scans, analyze vulnerabilities, discover Best Fix Locations (BFL), and monitor KICS results.

Get MCP Server for AI Agents

Ask AI about this MCP Server

Open in ChatGPT Open in Claude Open in Perplexity

Vinkius supports streamable HTTP and SSE.

AI AgentVinkius
High Security·Kill Switch·Plug and Play
Checkmarx
Fully ManagedVinkius Servers
60%Token savings
High SecurityEnterprise-grade
IAMAccess control
EU AI ActCompliant
DLPData protection
V8 IsolateSandboxed
Ed25519Audit chain
<40msKill switch
Stream every event to Splunk, Datadog, or your own webhook in real-time

* Every MCP server runs on Vinkius-managed infrastructure inside AWS - a purpose-built runtime with per-request V8 isolates, Ed25519 signed audit chains, and sub-40ms cold starts optimized for native MCP execution. See our infrastructure

What is the Checkmarx MCP Server?

The Checkmarx MCP Server gives AI agents like Claude, ChatGPT, and Cursor direct access to Checkmarx via 10 tools. Automate AppSec via Checkmarx One — trigger core scans, analyze vulnerabilities, discover Best Fix Locations (BFL), and monitor KICS results. Powered by the Vinkius - no API keys, no infrastructure, connect in under 2 minutes.

Built-in capabilities (10)

cancel_scanget_kics_resultsget_projectget_scan_detailsget_scan_resultslist_applicationslist_bfllist_projectslist_scansrun_scan

Tools for your AI Agents to operate Checkmarx

Ask your AI agent "List the most severe vulnerabilities found in the last Checkmarx scan." and get the answer without opening a single dashboard. With 10 tools connected to real Checkmarx data, your agents reason over live information, cross-reference it with other MCP servers, and deliver insights you would spend hours assembling manually.

Works with Claude, ChatGPT, Cursor, and any MCP-compatible client. Powered by the Vinkius - your credentials never touch the AI model, every request is auditable. Connect in under two minutes.

Why teams choose Vinkius

One subscription gives you access to thousands of MCP servers - and you can deploy your own to the Vinkius Edge. Your AI agents only access the data you authorize, with DLP that blocks sensitive information from ever reaching the model, kill switch for instant shutdown, and up to 60% token savings. Enterprise-grade infrastructure and security, zero maintenance.

Build your own MCP Server with our secure development framework →

Vinkius works with every AI agent you already use

…and any MCP-compatible client

CursorClaudeOpenAIVS CodeCopilotGoogleLovableMistralAWSCursorClaudeOpenAIVS CodeCopilotGoogleLovableMistralAWS

Checkmarx MCP Server capabilities

10 tools
cancel_scan

Prevents unnecessary engine resource consumption and drops the scanning context if the developer pushed a new commit overlapping the running job. Cancel an actively running Checkmarx scan

get_kics_results

Focuses solely on Terraform, CloudFormation, Kubernetes YAML, and Dockerfile misconfigurations rather than typical application source code flaws. Get specialized Infrastructure as Code (KICS) findings

get_project

Essential for ensuring the correct branch and source control context is selected before triggering new scans. Get details for a specific Checkmarx project

get_scan_details

It returns granular execution details including which scan engines (SAST, SCA, KICS) were fired, their individual execution timings, and any engine-specific failure reasons. Check the precise status and configuration of a Checkmarx scan

get_scan_results

Each result includes the vulnerability severity, state (To Verify, Confirmed, Urgent), description, and the exact lines of code where the flaw was detected. Requires a completed scan ID. Download SAST and security vulnerability findings for a scan

list_applications

An Application acts as an overarching container for multiple individual microservices or projects, providing aggregated risk reporting and security metric visibility across a logical product. List Checkmarx One Applications

list_bfl

Provide the scan ID and the specific query (rule) ID string. Get Best Fix Location (BFL) for a specific vulnerability node

list_projects

A Project represents a specific codebase. Includes project metadata, IDs, and assigned application linkages. List all Checkmarx One Projects

list_scans

Includes the scan ID, current status (Completed, Running, Failed, Canceled), branch targeted, and timestamps. Use the scan ID to fetch the actual vulnerability results. List all historical and active scans for a Checkmarx project

run_scan

Extensively used in CI/CD integrations to assert security quality on PRs. Returns the ID of the newly queued scan. Trigger a new Checkmarx One code scan

What the Checkmarx MCP Server unlocks

Connect your Checkmarx One enterprise environment to any AI agent and take programmatic control over your Application Security posture. Analyze deep code flaws through natural chat instead of navigating complex cyber dashboards.

What you can do

  • Projects & Applications — Inventory your codebase containers, inspect active project linkages, and prepare specific branches for security scanning
  • Scans Lifecycle — Trigger dynamic SAST/SCA security scans on repos, cancel redundant queues, and poll engines for precise execution timing
  • Vulnerability Triage — Extract core datasets of severe vulnerabilities, mapping exact lines of code where the flawed logic resides
  • Best Fix Location (BFL) — Ask the agent to calculate the exact optimal spot in your execution path to apply a patch that resolves the flaw entirely
  • KICS (IaC) — Read specialized Infrastructure as Code metrics isolating misconfigurations exclusively in Terraform, Dockerfiles, or Kubernetes YAML

How it works

1. Subscribe to this server
2. Provide your Checkmarx One JWT Token
3. Uncover code vulnerabilities natively inside Claude, Cursor, or any compatible MCP agent

Who is this for?

  • Security Engineers (AppSec) — seamlessly orchestrate vulnerability triage without toggling away from your primary workstation or ticket tracker
  • DevOps & Platform Teams — investigate misconfigured KICS results in staging branches actively through the agent before deploying
  • Developers — grab the exact Best Fix Location (BFL) for a zero-day issue and ask the LLM to rewrite the sanitization logic instantly

Frequently asked questions about the Checkmarx MCP Server

01

How can the AI help me fix a vulnerability faster?

Once an issue is identified via scan results, ask your agent to pull the 'Best Fix Location' (BFL) using the query ID. Checkmarx mathematically finds the common root code block, and your AI can instantly rewrite that exact block to sanitize the flaw. You save hours tracing code paths.

02

Can the agent initiate a static code scan independently?

Yes! Tell the agent to 'Run a scan on project ID X targeting the main branch'. It initiates the analysis array natively across Checkmarx One engines. You can poll for completion status later and retrieve the new dataset directly via chat.

03

Does it segregate AppSec results from Cloud infrastructure flaws?

It does. Application flaws are pulled cleanly via get_scan_results, whereas misconfigurations tied to Docker, Kubernetes, or Terraform limits use a dedicated get_kics_results pipeline. The agent intrinsically separates the context for your DevOps team.

More in this category

Elastic Security

Elastic Security

10 tools

Manage SIEM and SOC operations via Elastic Security — monitor detection rules, search security alerts (Signals), handle whitelisting, and audit threat coverage directly from any AI agent.

Doppler

Doppler

12 tools

Manage secrets and environment variables via Doppler — list projects, audit secrets, and track activity logs from any AI agent.

Datadog Cloud SIEM

Datadog Cloud SIEM

10 tools

Manage cloud security via Datadog — search security signals, triage alerts, and audit detection rules directly from any AI agent.

You might also like

Determ

Determ

10 tools

Equip your AI agent to monitor media mentions, track keywords, and analyze sentiment via the Determ (formerly Mediatoolkit) API.

Electricity Maps Carbon Intelligence

Electricity Maps Carbon Intelligence

3 tools

Universal energy and carbon intelligence — get real-time electricity mix and carbon data via AI.

Ezus

Ezus

12 tools

Streamline travel agency operations via Ezus — manage projects, clients, suppliers, and invoices through your AI agent.

Connect Checkmarx with your favorite client

Step-by-step setup guides for every MCP-compatible client and framework:

Claude DesktopIDE

Anthropic's native desktop app for Claude with built-in MCP support.

CursorIDE

AI-first code editor with integrated LLM-powered coding assistance.

VS Code CopilotIDE

GitHub Copilot in VS Code with Agent mode and MCP support.

WindsurfIDE

Purpose-built IDE for agentic AI coding workflows.

ClineIDE

Autonomous AI coding agent that runs inside VS Code.

Claude CodeCLI

Anthropic's agentic CLI for terminal-first development.

OpenAI Agents SDKSDK

Python SDK for building production-grade OpenAI agent workflows.

Google ADKSDK

Google's framework for building production AI agents.

Pydantic AISDK

Type-safe agent development for Python with first-class MCP support.

Vercel AI SDKSDK

TypeScript toolkit for building AI-powered web applications.

M
Mastra AISDK

TypeScript-native agent framework for modern web stacks.

CrewAIFramework

Python framework for orchestrating collaborative AI agent crews.

LangChainFramework

Leading Python framework for composable LLM applications.

LI
LlamaIndexFramework

Data-aware AI agent framework for structured and unstructured sources.

AG
AutoGenFramework

Microsoft's framework for multi-agent collaborative conversations.

Give your AI agents the power of Checkmarx MCP Server

Production-grade Checkmarx MCP Server. Verified, monitored, and maintained by Vinkius. Ready for your AI agents — connect and start using immediately.