Vendors who want to share scan results can opt to generate reports for enterprise organizations. To enable the sharing of Veracode reports, contact Veracode Technical Support.
As a vendor, as soon as scan results are available, you are able to send a copy of the results to an organization of your choice.
- From the left navigation menu, click Results to go to the Results page.
- To share the results of the latest scans of each scan type, click Share in the top right to open the Share this Report window. If this icon is disabled, contact Veracode Technical Support to establish the relationship between you and the enterprise organization.
- Select the enterprise organization with whom you want to share the report. This dropdown list is based on vendor relationships you have with other organizations. To add more organizations to this list, contact Veracode Technical Support.
- Select the policy against which you want to calculate the results of the report. The policy details appear, showing you the description, rules, and scan requirement of the policy.
- Click Save and Continue.
The generated report is listed in the Shared Reports page, which you access from the left navigation menu. At a glance you can see which reports you generated and when. The color of the shield icon in the Generated For column indicates whether the policy compliancy is a pass (green), conditional pass (orange), or a fail (red).
When you are ready to send the generated report to the selected organization, click Share Now. You receive a prompt to confirm that you are ready to share.
You are only sharing the Summary Report, as well as the SCA Report, if you have subscribed to the Software Composition Analysis (SCA) feature that Veracode offers for examining the components that comprise a software application. The Detailed Report is specifically for your information only.
To access shared reports for any application, click the application name on the Applications page or the report name on the Shared Reports page. Only the vendor who owns the application and the security lead, executive, and reviewer members of the enterprise team can access a vendor's shared reports.
To unshare a report you have already shared with an organization, click Undo to revoke the shared action. When prompted to confirm your choice, click Yes.
The report is no longer available to view or download by the enterprise recipient.