Before you can upload binaries to the Veracode Platform using Veracode Static for IntelliJ, you must have the Upload and Scan API role or Submitter role. To obtain detailed findings information in your scan results, be sure the builder you use to package your code generates debug symbol information.
- In IntelliJ, select .
- If prompted, enter your Veracode API ID
and key. Optionally, select the checkbox to store your credentials so that you
only have to enter them once.
- In the Upload and Scan window, from the Application dropdown menu, select the application for which you want to upload binaries.
- Click Add Application to add applications that are not currently
in the list, and provide all the information about the application, including policy
control and organization information.
- After adding the application (if applicable), go to the Upload and Scan window. Then,
for Scan Type, select Policy Scan or Sandbox
- If you select Sandbox Scan, you must choose the sandbox from which you want to scan, or follow the prompts to create a sandbox if one does not already exist for this application.
- If you do not change the scan type, click Create Scan.
- In the Create Scan window, enter the name for the new scan and, optionally, the lifecycle stage.
- Click Create.
- In the Workspace Files table, use the browse icon to select the files you want to upload from your current projects.
- Click Add to select any files not associated with a current project.
- Select Upload.Note: You cannot upload binaries if Veracode is currently scanning an application. Wait until the scan results are available and, then, you can add more files. You can run sandbox scans and policy scans concurrently, but you can only run one static scan at a time per application profile or sandbox from the Veracode Platform or APIs.Veracode expects the name of the uploaded file to be the same between scans of the same application. However, because filenames can change between builds of the same code, you can change the filename before uploading to keep the name consistent. If Veracode indicates that the filenames are not the same, click the New Filename column to rename the file, so that it matches the previous name for the same file.
- When prompted to confirm, click Yes to continue the upload.
- Click Yes to go directly to the Veracode prescan process after the upload. If you do not want the full scan to continue automatically, click No and, when ready, click Begin Prescan at the top of the Upload Files table.
Veracode contacts you when your scan is complete and results are available.