No free plan. The cheapest way in is a paid plan at ~$150,000–$300,000/year. Consider free alternatives in the application security category if budget is tight.
Checkmarx One Assist is the AI-powered layer of the Checkmarx One platform. It uses generative AI to explain vulnerabilities in plain language, trace the code paths that introduced them, and suggest contextual remediation code that developers can review and apply directly inside their IDE or pull request workflow.
The platform consolidates SAST (static analysis), SCA (open-source dependency and license analysis), IaC security (Terraform, Kubernetes, CloudFormation), API security, container image scanning, supply chain security, and DAST. All engines share a unified findings model, dashboards, and policy engine.
Checkmarx One is sold exclusively through enterprise contracts. Pricing is not published publicly and is typically based on the number of contributing developers, the scanning engines enabled, scan volume, and contract length. Prospective customers must engage with Checkmarx sales for a quote.
Yes. It integrates with GitHub, GitLab, Bitbucket, and Azure Repos for source control, with Jenkins, GitHub Actions, Azure DevOps, CircleCI, and other CI systems for pipeline scanning, with VS Code, IntelliJ, Eclipse, and Visual Studio for in-IDE feedback, and with Jira, ServiceNow, and Microsoft Teams for ticketing and notifications.
Yes. Checkmarx has invested in capabilities to scan code produced by AI assistants like GitHub Copilot and to govern the use of AI coding tools, flagging insecure patterns, license risks in suggested snippets, and other issues that can arise when developers heavily rely on generative AI.
Last verified March 2026