Scan with Veracode Greenlight for Eclipse

Veracode Greenlight

You can scan your Java or JavaScript code, including a package file containing code, directly within your IDE.

  • On Windows, the log file is in the Temp folder here: C:\users\username\AppData\Local\Temp\
  • On Linux, the log file is in the tmp folder here: /tmp
  • On macOS, run this command in your terminal: open $TMPDIR

To start a Veracode Greenlight scan in your IDE:

  1. Open the project and select the Java or JavaScript file you want to scan.
  2. Select Veracode Greenlight > Scan with Greenlight, or use the shortkey, Ctrl+6.
    You can also right-click a package file and select Veracode Greenlight > Scan with Greenlight to scan all files contained in the package.
  3. After the scan is complete, review the security findings on the Veracode Greenlight tab.
    The Veracode Greenlight results are summarized in the Findings subtab. In the Best Practices subtab, Veracode indicates the CWEs protected against in the code. The scan level indicates whether Veracode scanned at the package level or file level.
  4. Double-click a finding to locate the issue in the specific line of code in the scanned file.
  5. Alternatively, right-click a finding to see the actions you can choose: open the finding in the scanned file, show the finding details in a separate Details pane, or filter by severity or CWE.


The details for each finding provide information about the CWE and specific remediation advice on what you can do to fix the code.

To clear all the results of the Veracode Greenlight scan, click the eraser icon in the top-right corner or use the shortkey, Ctrl+0.