About Veracode Dynamic Analysis

Getting Started with Veracode

Veracode Dynamic Analysis is a Dynamic Application Security Testing (DAST) solution that delivers an automated and scalable dynamic scanning capability that enables broad coverage at speed. You can scan both web applications and API specifications.

You can use Dynamic Analysis to:
  • Run security tests against live web applications in the late stages of development, such as test or quality assurance, or applications in production.
  • Use API Scanning to test the security of endpoints in API specifications.

To test the security of your API specifications, see Getting Started with Veracode API Scanning.

You access Dynamic Analysis from the Veracode Platform. Veracode also provides Dynamic Analysis REST APIs to automate dynamic scanning tasks.

Dynamic scans detect potential attack points by crawling web applications and API specifications and checking for vulnerabilities that put the applications at risk of attack.

Veracode Dynamic Analysis integrates with Veracode Discovery, which analyzes web application perimeters and searches for web applications within a defined IP address range or list of known hosts. Veracode also provides Veracode Internal Scanning Management (ISM) to access applications and API specifications behind a firewall.