Using application data with Veracode SCA

The Applications tab provides a portfolio view of the vulnerability status of your applications and whether the applications are meeting the associated policies. The list of applications indicates who submitted the scan and the level of severity for each of the vulnerabilities found.

A colored-coded shield icon in the Policy Control column of the Applications tab indicates the policy status of this application and whether the application is meeting the requirements of its assigned policy. The colors green, orange, and red indicate passing, conditional pass, and failing. The number of components within the application that are in violation of this policy is also listed. Click the blue ? icon to view the details of the associated policy and its rules.

To include agent-based scan findings in the policy for your application, you can link your project to an application.

Use the filter function to find applications by CVE ID, application name, blocklist presence, component name, severity, or any combination of these filters. If you switch tabs after filtering data, the filter sorts the content in the new tab unless you clear the filter. If you are an enterprise customer, you see the name of the software vendor before the application name for third-party applications.