About Veracode Static Analysis

Getting Started with Veracode

Veracode Static Analysis is a Static Application Security Testing (SAST) solution that enables you to quickly identify and remediate application security findings. It analyzes major frameworks and languages without requiring source code, so you can assess the code you write, buy, or download, and measure progress in a single platform.

By integrating with your software development lifecycle (SDLC) toolchain and providing one-on-one remediation advice, Veracode Static Analysis enables your development team to write secure code and assess the security of web, mobile, desktop, and back-end applications. You can use development sandboxes to test and fix code between releases without impacting the compliance status of the application.

You can also perform static analysis with the Veracode APIs or use the Veracode integrations to add static analysis to your IDEs, build systems, and ticketing systems. The Pipeline Scan provides another method of adding static analysis to your development pipelines.