Manage SCA workspaces
Use workspaces to separate and manage project scan data for SCA Agent-based Scan. Each workspace can include multiple SCA agents that perform scans on your code projects and display the results in the workspace to which they belong. You can store scan data in different workspaces and control user access to that data based on the workspaces to which a user belongs.
In the Veracode Platform, on the Workspace Portfolio page, you can search for a library, vulnerability, or license and drill down into the workspaces and projects that include the items in your search. If you select a workspace name, you see the issues associated with the workspace, including details such as the median resolution time and a breakdown of the issues by severity.
You can create workspaces and use them to collaborate with team members. You can also use the automatically created My Workspace to perform quick scans and review scan data on your own.
You can extract information about your workspaces using the SCA REST API.
About My Workspace
All users have access to a personal workspace for local scanning called My Workspace, but we don't recommend using it for anything but temporary experimentation. The Veracode Scan IDE plugins and extensions only use My Workspace.
The Veracode Scan IDE plugins and extensions temporarily create projects in My Workspace, but since My Workspace can only store up to three projects, scans in your IDE will fail if you have already reached this limit. Therefore, we recommend deleting all projects from My Workspace before using these plugins.
Your user account does not require specific roles or team membership to create projects or start scans in My Workspace. The workspace automatically appears in your workspace list. With My Workspace, you can create agents, add custom rules, and manage and review scan data for projects just as you do with other workspaces.
To simplify the My Workspace experience, we implement several restrictions. You cannot:
- Apply organization rules.
- Link projects to applications.
- Add teams.
- Delete the workspace.
- Create more than three projects. If My Workspace contains three projects, you must delete one before you can scan another.
If you need access to more than three projects, reach out to the administrator of your Veracode account to request access to other workspaces.
Create a workspace
Workspaces help you organize your project data for scanning. Use workspaces to organize scan results by application or business unit. Workspaces are similar to teams. Scan results are available at the project level, and projects are available at the workspace level. You can also customize your workspace to suit your needs.
My Workspace, which is available for all users, provides limited functionality for experimenting with agent-based scans.
You can also create workspaces with the SCA REST API.
Before you begin:
You have the Security Lead or Creator role.
To complete this task:
- In the Veracode Platform, select Scans & Analysis > Software Composition Analysis.
- Select Agent-Based Scan.
- Select Actions > Create Workspace.
- Enter a name for the workspace.
- If you want to add teams to the workspace, select More Options and select one or more teams.
- Select Create.
Next steps:
Delete a workspace
Deleting workspaces permanently deletes the agents and any data associated with that workspace.
You can also perform this task with the SCA REST API.
Before you begin:
You must have the Security Lead, Creator, or Workspace Administrator role to delete workspaces.
To complete this task:
- In the Veracode Platform, select Scans & Analysis > Software Composition Analysis.
- Select Agent-Based Scan.
- Select a workspace.
- Select Settings from the Manage Workspace dropdown.
- Select Delete Workspace.
- Select Yes, Delete to permanently delete the workspace.
Locate the workspace slug
You use the workspace slug to apply an SCA agent to a workspace using a scan directive or environment variable.
To complete this task:
- In the Veracode Platform, select Scans & Analysis > Software Composition Analysis.
- Select Agent-Based Scan.
- Select the desired workspace from the workspace list.
- Copy the eight-character value shown in the URL.
You can also obtain a workspace slug by sending a request to the getWorkspaces API and retrieving the value from the site_id field in the payload.