Configuring Policy Settings

Application Security Policies

Setting Default Policies

The Veracode Platform enables you to set default policies that are automatically assigned to newly created applications. You can also change notification settings for policy-related notifications. You must have the Policy Administrator role to set default policies or customize notification settings.

A default policy is assigned to an application based on the business criticality of the application. This feature provides the consistent setting of policy across the application portfolio.

To set default policies:

  1. Click Policies > Policy Settings.
  2. For each business criticality, select the policy to be assigned by default.
  3. Click Save.

Changing the Notification Settings

You can also activate or deactivate Platform notification emails that may be sent when a policy is changed or added to an application, when a required scan is due, and when one or more flaws is due to be remediated. You can activate or deactivate these policies across the portfolio or for applications with a specific business criticality.

To change notification settings:

  1. Click Policies > Policy Settings.
  2. Select either Yes or No to enable or disable policies.
  3. Click Save.