Scan Results

Results and Reports

The following topics explain how your application results are scored and presented:

About Veracode's Methodology
Veracode uses multiple analysis techniques to provide a consolidated application security rating.
About Business Criticality
Your application security policy is based on the application's business criticality, or the level of risk the application can tolerate based on its anticipated use.
Scoring Methodology
The Veracode scoring system is based on industry standard classifications of software flaw types and exploit impact.
Veracode and the CWE
Veracode uses the industry standard Common Weakness Enumeration as a flaw taxonomy.
Understanding Severity and Exploitability
Severity and exploitability are different measures of the seriousness of a flaw.
Best Practice Findings
Veracode can detect certain uses of security best practices.
About Manual Assessments
Manual assessments may provide some additional types of information about an application's security.

These topics describe how to access different downloadable views of the application findings. The Summary Report is available for all third-party and open source applications. The Detailed Report and Detailed XML Reports are available for internally developed and maintained applications.

Access the Summary Report
Download a summary version of your application's findings that does not contain detailed flaw information.
Access the PCI Report
View and download a report that evaluates your application against the latest PCI standard.
Download the Detailed XML Report
Download a copy of the detailed results for your application in XML format.
Understand the Links Report
For DynamicDS and Dynamic Analysis, get information about the scan coverage of your application.
Share VAST vendor shared reports
VAST program vendor users can share results of their latest scans to an enterprise organization.
Download VAST vendor shared reports
VAST program enterprise users can access results from vendor application scans

If you need further assistance understanding your scan results, schedule a consultation call with Veracode Technical Support.