Latest Innovations - Checkmarx
Free Virtual Summit Agentic AppSec Unleashed '26 is June 16th Register Now
Outlook Report The Future of Application Security in the Era of AI Download Now
Latest Innovations
Checkmarx for Developers
Partners
Blog
Research
Latest Releases

What we’ve shipped
recently

Every release is driven by one question: what does security need to keep pace with how engineering ships today? Here's what that looks like in practice.

Read the Docs Roadmap Preview
NG SAST – Scan Results
Client DOM Stored XSS Urgent
XPath Injection High
Client DOS By Sleep Medium
Stored Absolute Path Traversal Medium
SAST

The highest F1 score in any language. Enterprise-grade, AI-augmented, zero noise.

Static analysis just got a significant upgrade. The new Checkmarx SAST builds on the deterministic foundation enterprise security teams trust, adding AI-powered coverage and an automated findings classifier that separates signal from noise before results reach your team. The result: the highest F1 score in the category, 60% fewer false positives, and 100% language coverage across your entire stack, including everything AI coding assistants are generating right now.

Explore SAST
What's New

Recent Releases & Updates

Explore some of our latest features and enhancements.

New MCP SERVER

Checkmarx MCP Server — AI agents with real security context.

The Checkmarx MCP Server gives AI coding assistants secure, governed access to Checkmarx One through a single MCP connection. Developers and AI agents can retrieve scan results, investigate vulnerabilities, understand remediation guidance, and act with the same enterprise security context across MCP-compatible IDEs, terminals, and assistants without building custom integrations for every tool or workflow.

Explore MCP Server
New AI SUPPLY CHAIN SECURITY

AI-BOM — know exactly what AI is in your software.

LLMs are introducing a new class of dependency risk — models, agents, MCP servers, and fine-tuning datasets that no traditional SBOM tracks. The Checkmarx AI Bill of Materials gives security teams deterministic, auditable visibility into every AI component across the SDLC, mapped against NIST AI RMF, EU AI Act, and ISO 42001 requirements. Know what AI is in your software — before your auditors ask.

Explore AI-BOM
New AI AGENTS – TRIAGE & REMEDIATION

Triage Assist & Remediation Assist: Resolve Risk as Fast as AI Delivers It

Two new autonomous agents in Checkmarx One that take the manual work out of vulnerability management. Triage Assist tells you exactly what requires action and what can be safely ignored — using provable Attackability and real-world exploitability, not static severity scores. Remediation Assist generates review-ready fixes directly inside pull requests, so developers stay in flow instead of context-switching to investigate and patch.

Explore Agents
What's Next

Upcoming Releases

Here's a preview of what's ahead in our pipeline.

GitHub Apps Code Repository Integrations

Coming Soon

Vulnerability Exploitability eXchange (VEX)

Coming Soon

Risk Orchestration

Coming Soon

DAST Enhancements

Coming Soon

Ready to Secure the Risk AI Creates?

See how Checkmarx helps enterprises reduce exploitable backlog, govern AI-generated code, and remediate application risk with speed, context, and control.

Request a Demo → Read Our Blog