After you have the report for your application, you can improve its security quality using the Veracode Platform:
The Veracode Triage Flaws page and associated reports provide actionable guidance on which flaws to fix in which order to get the fastest improvements in security.
A developer can use the Triage Flaws page to review static flaws in the context of the application source.
You can use many criteria to find subsets of flaws in the Triage Flaws page.
Development teams can use the flaw mitigation workflow to manage the process of fixing security vulnerabilities.
Request the scan results for a third-party application.
Use Software Composition Analysis to review the vulnerabilities in your third-party components.
Submit a new scan for confirmation
After you make the improvements, you should submit a new scan request for the application to verify your fixes.
Specific features in Veracode reports help you verify that you have fixed the flaws.
Veracode Analytics provides a view of your application risk and compliance across your entire application portfolio. It also allows you to compare your results to those of other Veracode users.
Use one of the cleansing functions that Veracode static scans recognize if you want Veracode to verify your fix.
Use the Archer API to integrate your Veracode application risk data with the Archer dashboard.