Enforcing Application Security Policies

Getting Started with Veracode

You can use Veracode to enforce consistent application security policies across your entire inventory of applications, both those that you develop and third-party applications. You can use a pre-defined Veracode policy or create your own custom policy to enforce the rules of your organization.

Before getting started with policies, Veracode recommends that you:

To enforce a custom policy:

  1. Create a policy
  2. Set default policies
  3. Set a policy for an application
  4. Set custom severities
  5. Review policy adherence

Setting SCA Policies

You can design policies specifically for rules for Software Composition Analysis (SCA). For more information, see Include SCA Findings in Policy