Basics of the Veracode Platform

If you are new to application security testing or using the Veracode Platform, these sections help you learn the basic concepts and tasks for setting up your application security program and running scans in the Veracode Platform.

• Review and customize your application security policy: define the standards for application security that you want to enforce through Veracode or accept one of the default Veracode policies.
• Get started with application risk management: when scanning applications you developed in-house, which ones should you scan first?
• Define the application portfolio: after identifying applications you want to scan, add them to your application portfolio in the Veracode Platform.
• Review supported languages, platforms, and application packaging requirements: review the supported languages and platforms for scanning applications using Veracode Static Analysis. Also, to ensure that Veracode can successfully scan your application and provide the most accurate results, verify that your application meets the compilation or packaging requirements.
• Choose a scan type: Veracode provides multiple scan types for assessing the security of your applications. The best scan for a given application depends on its business criticality and how it is built.
• Supported languages and platforms: review the supported languages and platforms for Veracode Static Analysis.
• Compile your application for a Static Analysis: review the requirements for compiling your applications to ensure that Veracode can successfully complete the scans and provide the most accurate results.