Checkmarx AST Scanner

Contributors Forks Stargazers Issues Install APACHE License



Allows the user to scan their source code using Checkmarx AST platform and provide the results as a feedback.
Explore the docs »

Report Bug · Request Feature

Table of Contents
  1. About The Project
  2. Getting Started
  3. Usage
  4. Contributing
  5. License
  6. Contact

About The Project

The CxOne/CxAST Jenkins Plugin allows the user to trigger SAST, SCA and IaC and API Security scans directly from a Jenkins workflow. It provides a wrapper around the CxOne CLI Tool which creates a zip archive from your source code repository and uploads it to CxOne for scanning. The plugin provides easy integration into Jenkins while enabling scan customization using the full functionality and flexibility of the CLI tool.

Getting Started

The plugin can be configured as build step within the Job Configuration.


  • A Jenkins installation v2.263.1 or above

  • Access to a CxOne account (user credentials or an API Key)

Setting Up

To set the plugin up, follow this Instructions


To see how you can use our tool, please refer to the Documentation


  • Review the default CONTRIBUTING file and make sure it is appropriate for your plugin, if not then add your own one adapted from the base file

  • Refer to our contribution guidelines


Distributed under the MIT. See LICENSE for more information.


Checkmarx - CxOne Integrations Team

Find more integrations from our team here

© 2022 Checkmarx Ltd. All Rights Reserved.