Skip to main content

Integrate DAST into your pipeline

Important change

Webhook UUIDs are no longer generated for new targets. Use your target UUID with the Veracode CLI to trigger scans programmatically. Existing webhook UUIDs continue to work for backward compatibility.

To integrate Veracode DAST with the following development tools, use your target UUID with the Veracode CLI.

To integrate different scan types and features, see Integrate with Veracode.

Find your target UUID

Use your target UUID to trigger scans and retrieve results programmatically. You can find it in the Veracode Platform.

Before you begin:

You must have created a target.

To complete this task:

  1. Sign in to the Veracode Platform.
  2. Select Scans & Analysis > DAST. The Target list page opens.
  3. Select a target, then select CONFIGURE.
  4. Select the Integrations tab. Use this target UUID with the Veracode CLI and CI/CD integrations.

Integrate DAST into your pipeline

Use the Veracode CLI to start scans, check status, and download results from your CI/CD pipeline or scripts. The CLI authenticates automatically with your API credentials.

Start a scan

To start a scan for your target, run:

veracode dynamic scan --webhook <target-uuid>

Start a scan with authentication overrides

To start a scan and override authentication, use the relevant flags. For example, for form-based authentication:

veracode dynamic scan --webhook <target-uuid> \
--app-auth-username [email protected] \
--app-auth-password rand0m123 \
--app-auth-url https://app.example.com/login

For parameter authentication (for example, a header token):

veracode dynamic scan --webhook <target-uuid> \
--param-auth-type HTTP_HEADER \
--param-auth-key Authorization \
--param-auth-value “Bearer 12345678

Download the results

To download your completed scan results in JUnit or PDF format, run:

veracode dynamic results --webhook <target-uuid> --analysis-run-id <id> --format junit --output ./test-reports/report.xml
veracode dynamic results --webhook <target-uuid> --analysis-run-id <id> --format pdf --output ./test-reports/report.pdf

For a full list of available flags, see the CLI reference.