Veracode offers application scans as an integral part of any company-wide security policy. You can use Veracode to enforce consistent application security policies across your entire inventory of applications, both those that you develop and third-party applications.
Application scans deeply analyze individual applications and provide a detailed report on the discovered flaws and remediation guidance. Veracode recommends both static and Dynamic Analysis scans for web applications with very high, high, or medium business criticality. Using all scan techniques increases the completeness and depth of analysis for your application.
- Static Scans
  - Perform deep analyses in an offline environment of compiled or ready-to-deploy web, enterprise, desktop, or mobile applications to detect security flaws in the underlying code. Static scans create a model of the entire application and analyze its data and inter-procedural flow. They are ideal if you have access to the compiled code for your web or backoffice (non-web) applications.
- Dynamic Scans
  - Perform deep analyses of web applications, using customized scan, crawl, and authentication settings to establish a deep understanding of the vulnerabilities of a single web application. Dynamic scans simulate malicious user behavior and detect potential attack points by crawling the application and checking if intended functionality can be misused. This type of scan is necessary if the web application and its security are critical to your business.
- Manual Penetration Testing
  - Leverage and extend the findings identified by automated static and dynamic assessments to uncover unforeseen design issues within an application.
You must have the Creator, Submitter, or Security Lead role to start a scan. In addition, you must have the specific permission to submit each type of scan. Click Your Account in the top-right of the Veracode Platform to review your scan permissions. Contact the Veracode administrator in your organization if you want to request further permissions.