Configuring the Veracode Dynamic Analysis

Dynamic Analysis

A Veracode Dynamic Analysis scans the URLs that you provide for vulnerabilities.

After you have created the Dynamic Analysis and entered the URLs to scan, you can optionally provide more configuration information. You must have the Creator, Submitter, or Security Lead role to configure or edit a Dynamic Analysis.

Analysis Blacklist

If you want to ensure that Veracode does not scan specific URLs, you can add them to the analysis blacklist by selecting the option Exclude the following URLs. Enter the filepath or directory path of the URLs you want to exclude from this analysis. If you enter a directory path, everything in that directory and its subdirectories are excluded.

The URL-level blacklist takes precedence over this analysis-level blacklist, therefore, any additional URLs you enter on the URL-level blacklist during this configuration step are also excluded.

User Agent

The user agent is a string of browser-specific text in the header that the scan engine uses when scanning your analysis. The agent string defines which browsers and devices you want to include in the scope of the analysis. If available, select the required browser. If the browser you want is not available, select Custom and enter the custom string. In the User Agent String field, use browser-specific formatting to add any additional custom text to the prepopulated string to identify the browser source.

Contact Information

Provide the contact information for the person responsible for this Dynamic Analysis and its results.



When you have completed the Dynamic Analysis configuration, you can:
  • Click Edit in the row of any of the URLs to customize the configuration for each individual URL.
  • Click Basic Information to change the general details for the Dynamic Analysis.
  • Click Schedule to optionally provide scheduling details.
  • Click Review and Submit to review the Dynamic Analysis and then submit it.

Editing a Dynamic Analysis

You can edit the entire Dynamic Analysis at any time when the Dynamic Analysis has a status of:
  • Scheduled
  • Stopped
  • Published - Results Available
  • Not Submitted

Go to the All Dynamic Analysis Scans page, select the Dynamic Analysis you want to edit, and in the Dynamic Analysis Summary section, click Edit in the top-right corner.

Edit the configuration details that you want to change, and click Save.