Kotlin SCA agent-based scanning
You can find vulnerabilities in your Kotlin repositories using Veracode Software Composition Analysis agent-based scanning. You can run agent-based scans of Maven and Gradle repositories using the agent-based scanning command-line interface or the CI integrations.
The requirements for running a scan and reviewing results for Kotlin repositories are the same as the requirements for Java repositories.
For packaging instructions for Veracode Static Analysis and Veracode SCA upload scans, see Packaging Kotlin applications.