Link Dynamic Analysis results to application profiles
The Dynamic Analysis application linking feature allows you to link scan results to an application profile. By linking the results, you can evaluate them against policy and aggregate the results from multiple scan types. For example, access Static Analysis and Dynamic Analysis results for the same application in a single report.
You can link results manually or automatically. You can link results using the REST API.
By default, Dynamic Analysis does not automatically create application profiles during the linking process. To create application profiles, configure auto-linking.
Benefits
Linking results to an application profile provides the following benefits.
- View the results of all types of scans aggregated in a single report.
- Access reports in the Veracode Platform to identify crawled and attacked links.
- Save results from each subsequent scan without overriding the results of the previous scan.
- Use the Veracode Platform to review the application policy evaluation.
- Download a PDF of the results.
Prerequisites
- Linking to a scan requires an existing application profile in the Veracode Platform.
- Application linking succeeds only if a Dynamic Analysis request in an application profile is complete. Verify the status of any Dynamic Analysis requests within the profile. If you have permission, delete an incomplete request before attempting to link the application. Incomplete statuses include:
  - Prescan Complete
  - Scan in Progress
  - Prescan Failed
- You cannot link an application profile that contains an in-progress Dynamic Analysis. You must delete the in-progress Dynamic Analysis and unlink the application profile. You can then link another application profile.
- You can link one URL to one application profile. This manual step requires you to map each URL to an existing application profile.
Manually link results
You can link the results from a Dynamic Analysis to an application profile in the Veracode Platform or with the REST API.
Do not use any actions under the application profile menu for Dynamic Analysis scans linked to an application.
Before you begin:
You must have the Administrator, Security Lead, Creator, or Submitter role to be able to manually link results.
To complete this task:
- In the Veracode Platform, select the Dynamic Analysis Results tab of the analysis summary page, and select Actions > Link to Application. The Link to Application window opens.
- Select the application you want to link to from the list. You cannot select an application that is already linked to a URL configuration.
- Select Save.
Results:
The linked application appears in the Additional Information section on the Scan Details page.
Linked Dynamic Analysis results are now available from the application overview. Select Completed in the left navigation menu of the Veracode Platform to see your completed Dynamic Analysis scans. You can review the results in the Coverage Report for the Dynamic Analysis.
Unlink results
You can unlink results when you no longer want to associate them with a specific application profile or when you want to link them to a different application. You can perform this in the Veracode Platform or with the REST API.
After unlinking results from an application profile, all future scan results are no longer associated with that application. The results from previous scans remain available, and you can link them to the same or a different application profile.
Before you begin:
You must have the Administrator, Security Lead, Creator, or Submitter role.
To complete this task:
1. In the Veracode Platform, select Scans & Analysis > Dynamic Analysis.
2. In the All Dynamic Analyses table, select the name of the analysis from which to unlink an application profile.
3. In the URLs List table or the API Specifications List table, next to a URL or API specification, select Actions > Unlink from Application.
4. In the Unlink from Application window, select Unlink.
5. To unlink additional URLs or API specifications, repeat steps 3 and 4.
Automatically link results
The Dynamic Analysis auto-linking feature automatically links URL scans from Dynamic Analyses to applications that already exist in the Veracode Platform. The matching process searches for URLs previously associated with the existing application that match the target URL in the Dynamic Analysis.
Auto-publishing results of concurrent scans improves Dynamic Analysis scans. When Veracode links Dynamic Analysis scans to an application profile, Veracode matches flaw results that do not require any additional verification on a subsequent scan. This practice reduces the publishing time of results while maintaining a low false-positive rate.
We recommend configuring recurring schedules to ensure that the results automatically link to the application profiles for future scans.
If you configure a recurring schedule but do not link the results to the application profiles, the next time the scan runs using that schedule, the new results override the previous results.
Before you begin:
You must have the Administrator or Security Lead role to enable the auto-linking feature for your organization. After enabling auto-linking, any users in your organization who have the appropriate permissions can view linked results.
To complete this task:
- Select the gear icon in the top-right of the Veracode Platform and select Dynamic Analysis Auto-Linking. The Dynamic Analysis Auto-Linking Options page opens.
- Select an auto-linking option:
  - Do not auto-link: do not auto-link any URL scan results or create any new applications.
  - Auto-link but do not create applications: search existing applications for previously associated URLs that match the target URL and auto-link future URL scan results to the application.
  - Auto-link and create applications: search existing applications for previously associated URLs that match the target URL and auto-link future scan results to the application. For each target URL that does not match any URLs in an existing application, create a new application based on the information you enter in the New Application Name, Business Criticality, Policy, and Visibility Settings fields.

  The selected option applies to all future analyses and results that are not yet published. You can only link one target URL to an application at a time. If you have multiple Dynamic Analysis scans that have the same target URL, you can link them to the same application. If you have previously linked a target URL to multiple applications, the auto-linking feature selects the most recently published scan to link to in the future. You can also manually unlink results.
- Select Save.
The linked application appears in the Additional Information section on the Scan Details page. Linked Dynamic Analysis results are now available from the application overview. Select Completed in the left navigation menu of the Veracode Platform to see your completed Dynamic Analysis scans. You can review the results in the Coverage Report for the Dynamic Analysis.
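Before enabling an auto-linking option, it can help to predict where each target URL will land. The following planning sketch is an added example, not Veracode code or a Veracode API: it models the three options, the most-recently-published rule, and the incomplete-status prerequisite described on this page. The option labels, the PriorLink record, exact-string URL matching, and the sample inventory are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime
from typing import Optional

# Statuses the page lists as incomplete; linking does not succeed while one is present.
INCOMPLETE = {"Prescan Complete", "Scan in Progress", "Prescan Failed"}

@dataclass
class PriorLink:  # hypothetical inventory record, not a Veracode API type
    app: str                       # application profile name
    url: str                       # URL previously associated with the profile
    published: datetime            # publish time of the scan that linked it
    pending_status: Optional[str] = None  # incomplete request in the profile, if any

def plan_auto_link(option, target_url, prior_links):
    """Predict the outcome for one target URL.

    option is a hypothetical label for the three UI choices:
    'none', 'link' or 'link_and_create'. Returns (action, app_name).
    """
    if option == "none":
        return ("skip", None)
    # Assumption: exact string comparison stands in for the platform's matching.
    matches = [p for p in prior_links if p.url == target_url]
    if not matches:
        return ("create", None) if option == "link_and_create" else ("skip", None)
    # URL tied to several profiles: the most recently published scan wins.
    chosen = max(matches, key=lambda p: p.published)
    if chosen.pending_status in INCOMPLETE:
        return ("blocked", chosen.app)  # delete the incomplete request first
    return ("link", chosen.app)

# Constructed sample inventory.
LINKS = [
    PriorLink("Storefront", "https://shop.example.com", datetime(2024, 1, 10)),
    PriorLink("Storefront-Legacy", "https://shop.example.com", datetime(2024, 3, 2)),
    PriorLink("Billing", "https://billing.example.com", datetime(2024, 2, 1),
              pending_status="Prescan Failed"),
]

if __name__ == "__main__":
    for url in ("https://shop.example.com", "https://billing.example.com",
                "https://new.example.com"):
        for option in ("none", "link", "link_and_create"):
            print(f"{option:16} {url:30} -> {plan_auto_link(option, url, LINKS)}")
```

A "create" result marks a target URL that would get a new application profile under the third option, which is worth reviewing before results start being evaluated against the policy entered on the options page.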