The Veracode Platform analyzes both your own and third-party code in a single scan, providing you visibility across your entire application portfolio. You can access SCA results after your static prescan is complete.
To use Veracode Software Composition Analysis, select at the top of the Veracode Platform. You must have the Executive, Security Lead, or Administrator role to view the data. You can also navigate to SCA from the left navigation menu to view SCA in the context of an application.
Depending on your role, you can:
View a list of application vulnerabilities from applications in your portfolio to view which applications are passing or failing your policy.
View which of your components are passing or failing the security requirements specified in the SCA policy rules, and the remediation practices you can take to lower your application security risk.