Skip to main content

About the Veracode SCA command-line agent

Setting up Veracode Software Composition Analysis agent-based scanning for your desktop allows you to view open-source vulnerability and component information for your personal repositories in one central location.

The agent-based scanning command-line interface (CLI) allows the scanning of both your local file system and of repositories located in a source code management system. The agent-based scanning CLI allows highly configurable and scriptable usage.

If you encounter issues with agent-based scanning in your pipeline, you can use the command-line agent to run scans locally for troubleshooting purposes.

Parts and requirements

  • Veracode SCA agent for building, scanning, and sending evidence from repositories to the platform. For full list of requirements for the agent, see Using the Veracode SCA agent.
  • The correct requirements depend on the scanned language. To see what those requirements are, see the agent-based scan support matrix.