Veracode provides an extension for Azure DevOps and Team Foundation Server (TFS). You can use the extension to automatically import flaws and vulnerabilities as work items. Veracode discovers flaws during Static Analysis scans and vulnerabilities during Dynamic Analysis or Software Composition Analysis (SCA) scans.