If you're new to application security testing or want to run your first scan with minimal setup, try scanning using the Veracode Platform.
Before starting your first security scan, Veracode recommends that you read these sections to become familiar with key Veracode product features and concepts and to ensure you meet certain requirements.
- Review and customize your application security policy
- Define the standards for application security that you want to enforce through Veracode or accept one of the default Veracode policies.
- Get started with application risk management
- When scanning applications you developed in-house, which ones should you scan first?
- Define the application portfolio
- After identifying applications you want to scan, add them to your application portfolio in the Veracode Platform.
- Review supported languages, platforms, and application packaging requirements
- Review the supported languages and platforms for scanning applications using Veracode Static Analysis. Also, to ensure that Veracode can successfully scan your application and provide the most accurate results, verify that your application meets the compilation or packaging requirements.
- Choose a scan type
- Veracode provides multiple scan types for assessing the security of your applications. The best scan for a given application depends on its business criticality and how it is built.
- Supported languages and platforms
- Review the supported languages and platforms for Veracode Static Analysis.
- Compile your application for a static scan
- Review the requirements for compiling your applications to ensure that Veracode can successfully complete the scans and provide the most accurate results.