Supported Dynamic Analysis Technologies

Getting Started with Veracode

This list of technologies helps you understand what Dynamic Analysis supports before you try to perform an analysis.

Supported Technologies

Dynamic Analysis supports scans for vulnerabilities in:

  • Web applications that you access using a browser-based user interface
  • Web applications built using Java, ASP, ASP.NET, Ruby on Rails, JavaScript, Perl, PHP, Python, or similar languages
  • Single-page (SPA) and HTML5 applications
  • Web applications built with Angular, React, and Vue.js frameworks

Unsupported Technologies

Dynamic Analysis does not support:
  • REST and SOAP APIs not directly accessed using a user interface
  • Sites that have MFA and 2FA that you cannot turn off for testing because of company policy
  • Silverlight, Java applets, and ActiveX control technologies
  • Sites with complex business logic that are unsuitable for automation using crawl scripts
  • Sites that only support connection via TLS 1.0