Using the Veracode SCA Command-Line Agent

Veracode Software Composition Analysis

Setting up Veracode Software Composition Analysis agent-based scanning for your desktop allows you to view open-source vulnerability and component information for your personal repositories in one central location.

The agent-based scanning command-line interface (CLI) allows the scanning of both your local file system and of repositories located in a source code management system. The agent-based scanning CLI allows highly configurable and scriptable usage.

If you encounter issues with agent-based scanning in your pipeline, you can use the command-line agent to run scans locally for troubleshooting purposes.

Parts and Requirements