Improving Application Security
After you have the report for your application, you can improve its security quality using the Veracode Platform:
The Veracode Triage Flaws page and associated reports provide actionable guidance on which flaws to fix in which order to get the fastest improvements in security.
A developer can use the Triage Flaws page to review static flaws in the context of the application source.
Search for a specific flaw in the Triage Flaws page
You can use many criteria to find subsets of flaws in the Triage Flaws page.
Development teams can use the flaw mitigation workflow to manage the process of fixing security vulnerabilities.
Review a third-party application as the vendor
Request the scan results for a third-party application.
Evaluate your third-party components
Use Software Composition Analysis to review the vulnerabilities in your third-party components.
Submit a new scan for confirmation
After you make the improvements, you should submit a new scan request for the application to verify your fixes.
Verify fixed flaws through reports
Specific features in Veracode reports help you verify that you have fixed the flaws.
Use Veracode Analytics to manage application risk
Veracode Analytics provides a view of your application risk and compliance across your entire application portfolio. It also allows you to compare your results to those of other Veracode users.
Use one of the cleansing functions that Veracode static scans recognize if you want Veracode to verify your fix.
Download an Archer feed of your application data
Use the Archer API to integrate your Veracode application risk data with the Archer dashboard.