Veracode Greenlight Best Practices

Veracode Greenlight

Veracode Greenlight detects coding best practices in which the code has protected the application against specific Common Weakness Enumerations (CWEs). The Best Practices subtab lists the coding best practices detected during the Veracode Greenlight scan and the CWEs avoided. You can click Details to learn more about the specific CWE.



Veracode Greenlight can detect when a coding best practice is present against the following CWEs:
  • Taint-based CWEs
    • CWE 80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
    • CWE 93: Improper Neutralization of CRLF Sequences (CRLF Injection)
    • CWE 113: Improper Neutralization of CRLF Sequences in HTTP Headers (HTTP Response Splitting)
    • CWE 117: Improper Output Neutralization for Logs
    • CWE 201: Information Exposure Through Sent Data
    • CWE 611: Improper Restriction of XML External Entity Reference (XXE)
  • Non-taint based CWEs
    • CWE 326: Inadequate Encryption Strength
    • CWE 327: Use of a Broken or Risky Cryptographic Algorithm
    • CWE 329: Not Using a Random IV with CBC Mode
    • CWE 331: Insufficient Entropy
    • CWE 338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
    • CWE 780: Use of RSA Algorithm without OAEP