Getting started with Static Analysis

To quickly run your first Static Analysis using a demo application, see the Static Analysis Quickstart.

By integrating with your software development lifecycle (SDLC) toolchain and providing one-on-one remediation advice, Veracode Static Analysis enables your development team to write secure code and assess the security of web, mobile, desktop, and back-end applications. You can use development sandboxes to test and fix code between releases without impacting the compliance status of the application.

You can also perform static analysis with the Veracode APIs or use the Veracode integrations to add static analysis to your IDEs, build systems, and ticketing systems. The Pipeline Scan provides another method of adding static analysis to your development pipelines.