Veracode Static for Visual Studio is an extension for Microsoft Visual Studio. You use the extension to assist with compiling your applications and uploading them to Veracode for static analysis.
For a list of the supported versions of Visual Studio, see the Veracode-Authored Integrations page.
You must have Veracode API credentials.
- A user account with these roles:
- Creator or Security Lead role to create builds of your applications with the necessary Veracode settings
- Submitter role to upload scans to Veracode
- Sandbox User role to create sandboxes to use with the extension
- Reviewer role to check scan completion, propose mitigations, and import results to Visual Studio
- Mitigation Approver role to approve mitigations
- An API service account with these API roles:
- Upload and Scan API to create application profiles, create sandboxes, and upload and scan applications
- Upload API - Submit Only to submit scans
- Mitigation API to mitigate flaws found in applications
- Results API to download, import, and view Veracode results