Reviewing Veracode Greenlight Findings in IntelliJ or Android Studio

Veracode Greenlight

After the scan is complete, review the security findings on the Veracode Greenlight tab in your IDE.

A summary of your Veracode Greenlight scan is available on the Findings tab. The scan level indicates whether the scan occurred at the package level or file level. The scan results on the Best Practices subtab provide coding best practices and also list the CWEs against which your code is protected.

You can enable a setting that adds a red underline to the filename of files with detected findings. In IntelliJ, select Tools > Veracode Greenlight > Configure Preferences and, then, select the checkbox under the Settings section. Click OK to save the setting.

The scan results use colored lines to identify findings and best practices. The colors correlate to the finding severity type: Very High, High, Medium, and Low. For example, code that contains a finding is highlighted red and code that contains a best practice is underlined green.