Before you submit your Dynamic Analysis, you can choose to prescan all the URLs to verify that Veracode can reach the sites and, if authentication is required, successfully log in to the sites. Prescanning saves time by alerting you to any issues that Veracode finds with the configuration before the Dynamic Analysis runs.
To prescan a Dynamic Analysis:
Go to the Schedule page of the Dynamic
Analysis workflow, switch the Prescan option to
On if it is not already set to on.
The prescan starts immediately after submission. When the prescan completes, you receive an email notification of the results. The Dynamic Analysis still starts regardless of the results of the prescan.
- If the prescan failed, correct any connection and authentication configuration details, and run prescan again.
- If you need assistance from Veracode with any of the issues found during prescan, click Contact Support in the bottom-left of the Review and Submit screen.
Additional troubleshooting information is available in the Verification Screenshots section, which provides screenshot images that the Veracode scan engine takes at predetermined points. You can use these images to gain insight into what the scan engine discovers during a Dynamic Analysis. For example, the Authentication: Logged In screenshot can verify that the page on which the scan engine lands after executing the login script matches expectations. The Connection: Target URL screenshot can determine that a login script failed because a page redirects to different content for requests that originate from outside the corporate intranet.
|Connection: Target URL||The web page state seen by the Veracode scan engine at the end of connection verification, at the start of a scan or prescan.|
|Authentication: Logged In||Shown after the Veracode scan engine executes a user-provided Selenium login script. If the best practice of including a verification command in the Selenium script is not followed, the screenshot may show an early snapshot of the page, which may not show what the site really looks like when logged in.|
|Authentication: Logged Out||Shown after the Veracode scan engine executes a user-provided Selenium logout script. Logout scripts are optional, and this screenshot is omitted if one is not specified.|
|Authentication Failure||Shown if the Veracode scan engine encounters an error while verifying authentication using a user-specified login or logout script.|