Run a Scan and View Results Using Veracode Static for Visual Studio

IDEs

Publication
IDEs
Edition date
2022-11-17
Last publication
2022-11-17T20:57:22.572229

Note: This topic is for the new Veracode Static for Visual Studio released April 2022. For the legacy versions of Veracode Static for Visual Studio, see Veracode Static for Visual Studio (Legacy).

Run Scan

If this is your first scan for an application using this extension, please see the One-Time Setup section to ensure your scan is properly built and packaged for uploading to Veracode.

Note: The Run Scan button is disabled if a scan is in a failed state. You must resolve the failed scan to re-enable this button.

To start a scan, select Run Scan.

After selecting Run Scan, the application builds the solution with Veracode settings, packages the application, such as zipping the binaries and JavaScript, and begins the scan. The message panel displays the progress:

Note that the messaging panel indicates when it is safe to open new solutions and work on other applications. When the scan completes, the Summary Report displays in the message panel to let you know the results of the scan. In this case, there are multiple findings in both the binaries and the JavaScript.

You can now click View Results to view full details on the findings.

View Results

The View Results grid opens with details about the findings.

Right-click on any finding in the grid and select from these options: - Details - History - Datapaths - Remediation Guidance - Go to Line to go directly to the line of code containing the finding. You can also double-click the grid row to go directly to the source code.

Details

The details window shows all details for the findings. Some of these details show in the grid, by default, and the details window enables you to see all details, including the Issue Description, which gives specific guidance about the finding.