Allowing Veracode Domains and IP Addresses
If you block internet addresses in your organization, Veracode recommends that you allow Veracode domains and, in some limited cases, IP addresses to ensure there is no disruption in your ability to access Veracode features and products. If you have questions, contact [email protected].
If your organization requires that you allow every domain and subdomain for your users to have access to Veracode, add these URLs and IP addresses to your allowlist to avoid disruption in service, based on the products you use:
All Veracode products - Core user interface URLs
| Region | URLs |
|---|
| Commercial | https://analysiscenter.veracode.comhttps://ui.analysiscenter.veracode.comhttps://login.analysiscenter.veracode.comhttps://web.analysiscenter.veracode.comhttps://analytics2.veracode.com
|
| European | https://analysiscenter.veracode.euhttps://ui.analysiscenter.veracode.euhttps://login.analysiscenter.veracode.euhttps://web.analysiscenter.veracode.euhttps://eu-prod-lookout.analytics.veracode.eu
|
| United States Federal | https://analysiscenter.veracode.ushttps://ui.analysiscenter.veracode.ushttps://login.analysiscenter.veracode.ushttps://web.analysiscenter.veracode.ushttps://beta3-lookout.analytics.veracode.us
|
All Veracode products - Documentation and assistance URLs
| Region | URLs |
|---|
| All regions | https://docs.veracode.comhttps://community.veracode.comhttps://pendo.veracode.comhttps://app.pendo.io
|
Veracode sends anonymized user data to a third-party telemetry service as described in About Telemetry.
All Veracode products - APIs and integrations URLs
| Region | URLs |
|---|
| Commercial | https://analysiscenter.veracode.comhttps://api.veracode.comhttps://tools.veracode.comhttps://downloads.veracode.comhttps://hub.docker.com
|
| European | https://analysiscenter.veracode.euhttps://api.veracode.euhttps://tools.veracode.comhttps://downloads.veracode.comhttps://hub.docker.com
|
| United States Federal | https://analysiscenter.veracode.ushttps://api.veracode.ushttps://tools.veracode.comhttps://downloads.veracode.comhttps://hub.docker.com
|
All Veracode products - Access from outside the United States
| Region | URLs |
|---|
| All regions | *.okta.com*.mtls.okta.com*.oktacdn.com*.okta-emea.com*.mtls.okta-emea.com
|
All Veracode products - IP address rules
| Region | IP Addresses |
|---|
| Commercial | 162.159.128.36162.159.129.36
|
| European | 104.18.16.181104.18.17.181
|
| United States Federal | N/A |
Veracode Dynamic Analysis IP addresses
| Region | IP Addresses |
|---|
| Commercial | 34.195.146.191 |
| European | 35.156.203.105 |
| United States Federal | 3.32.105.199 |
Veracode Integration for Jira Cloud URLs
| Region | URLs |
|---|
| Commercial | https://jira-cloud-addon.integrations.veracode.com |
| European | TBD |
| United States Federal | TBD |
Veracode eLearning URLs
| Region | URLs |
|---|
| Commercial | https://elearning.veracode.com |
| European | https://elearning.veracode.eu |
| United States Federal | https://elearning.veracode.us |
Veracode Manual Penetration Testing URLs
| Region | URLs |
|---|
| Commercial | pt.analysiscenter.veracode.com |
| European | TBD |
| United States Federal | TBD |
Veracode Security Labs URLs
| Region | URLs |
|---|
| Commercial | https://securitylabs.veracode.comhttps://*.vsl.dev
|
| European | TBD |
| United States Federal | TBD |
Veracode Software Composition Analysis URLs
| Region | URLs |
|---|
| Commercial | https://sca.analysiscenter.veracode.comhttps://api.sourceclear.iohttps://download.sourceclear.com
|
| European | https://sca.analysiscenter.veracode.euhttps://platform-backend.analysiscenter.veracode.euhttps://download.sourceclear.com
|
| United States Federal | https://sca.analysiscenter.veracode.ushttps://platform-backend.analysiscenter.veracode.ushttps://download.sourceclear.com
|
If you perform SCA agent-based scans of projects that use Maven or Gradle package managers, and you want to build dependency graphs, you must also allow the following URLs:
https://repo.maven.apache.org/maven2/com/srcclrhttps://repo.maven.apache.org/maven2/com/veracode
About Telemetry
Veracode sends anonymized user data to a third-party telemetry service to help Veracode measure and improve its products and support.
The anonymized user data includes:
- A synthetic, unique user identifier
- A synthetic, unique identifier for the user organization
- The browser name and version
- The last login date before the current session
- The user roles
The user data does not include name, email, organization name, or any information about applications or findings.