Email Notifications

Administration Guide

Veracode emails notifications about your scans and other important information.

Account Emails

Veracode sends email notifications when the following scenarios occur:
New User Provisioned
Veracode sends you an email when your account is provisioned.
Password Changed
Veracode sends you an email any time you change your password. New users are required to change their password when they log in for the first time.
Forgot Password
Veracode sends you an email when you click the forgot password link to help reset your password.
Email Address Changed
Veracode sends you an email when you change your email address associated with your account.
API Credentials Expiring
Veracode sends you an email one week before your API credentials expire and another one day before they expire. The emails explain how to generate new credentials.
User Account Locked
Veracode sends an email to alert you that you are temporarily locked out of your account because of too many incorrect password attempts.

Scan Emails

Veracode sends email notifications when the following scenarios occur:

Discovery Emails

Discovery Scan is complete
Veracode sends an email stating discovery results import is complete and how to review the results.

Static Emails

Static Scan Submitted
Veracode sends an email to inform users that the static scan is submitted successfully, and reminding them that you still have to submit the full scan after the prescan is successful.
Static Scan Complete
Veracode sends an email stating that the results from the scan are available. The email is sent to the users in the team assigned to an application who have one or more of the following roles: Executive, Reviewer, Security Lead, Archer Reports, Results API.
Scan ETA Updated
Veracode sends an email to the team assigned to the application if the scan is taking longer than expected.
Partial Scan Results Available
Veracode sends an email to the submitter of the scan stating that partial results for the scan are available and they can begin viewing a portion of their results.

DynamicMP Emails

DynamicMP Scan Submitted
Veracode sends an email to inform users that the DynamicMP scan is submitted successfully and reminding them that you still have to submit the full scan after the prescan is successful.
Scan Requires Approval
Veracode sends an email to the security lead of an application stating that a scan requires their approval.
Scan Approved
Veracode sends an email to the scan creator stating that their scan was approved by the security lead.
DynamicMP scan is complete
Veracode sends an email to the security lead that the DynamicMP scan is complete and results are available.

Dynamic Analysis Emails

Prescan Successful
Veracode sends an email to the creator of the Dynamic Analysis scans or the last person who modified the schedule stating that the prescan passed verification.
Prescan Failed
Veracode sends an email to the creator of the Dynamic Analysis scans or the last person who modified the schedule stating that the target URL configurations in the Dynamic Analysis request failed during prescan verification.
Dynamic Analysis Failed
Veracode sends an email to the creator of the Dynamic Analysis scans or the last person who modified the schedule stating that the Dynamic Analysis has failed.
Results Published
Veracode sends an email to the creator of the dynamic analysis scans or the last person who modified the schedule stating that the results of theDynamic Analysis are published and now available.

Policy Emails

Application Policy is changed
Veracode sends an email to all user accounts associated with the account when the application policy is changed.
Grace Period Expires
Veracode sends an email to all user accounts associated with the account when the grace period is about to expire and there are flaws to be fixed.
New Scan for Policy Due
Veracode sends an email to all user accounts associated with the application affected, including the business owner to remind users to perform the specified scans by a certain date according to the policy requirements from your organization.

Report Emails

Shared report available
Veracode sends an email to all accounts associated with the application to notify them that the results are available.

Third-Party Application Security Testing Emails

Enterprise Requests Scan of Vendor Application
Veracode sends an email to all users associated with the enterprise organization account, and the primary vendor contact stating that the enterprise requested a scan of their application.
Vendor Accepts Enterprise Request
Veracode sends an email stating that the vendor has accepted the request to scan their application.
Vendor Submits Scan in Response to Enterprise Request
Veracode sends an email stating that the vendor has submitted the scan for analysis.
Vendor Has Access to Results
Veracode sends an email to the vendor owner of the application stating that scan results are available.
Scan Results Vendor Application Available to Enterprise
Veracode sends an email to the vendor owner of the application stating that scan results are available for review before publishing them to the enterprise customer.
Enterprise Completes Mitigation Review for Vendor
Veracode sends an email stating the enterprise has completed its review of the mitigations and no additional mitigations are required.
Enterprise Requests Additional Mitigations from Vendor
Veracode sends an email stating the enterprise has completed its review of the mitigations and additional mitigations are required.
Enterprise Requests Remediation Plan from Vendor
Veracode sends an email stating the enterprise has completed its review of the mitigations and would like to discuss a remediation plan in preparation for a rescan.