When your application scan is complete, you can use the Veracode extension to download the scan results to your local machine or from the Veracode Platform.
You must have the required user roles to use the Veracode Visual Studio Extension. To access the Results API, a human Veracode account must have either the Reviewer or Security Lead role, and a non-human API account you must have the Results API role to be able to download results. Ensure you have these permissions before attempting to integrate Veracode into your Visual Studio development lifecycle, otherwise you receive access denial errors.
Downloading Results Using the API
- Select . If the Veracode menu is not visible, check you have correctly installed the extension.
- If prompted, enter your Veracode API username and password, and select Store username and password so that you only have to enter your credentials one time.
- Click Submit.
- In the Download Results window, select the required application, scan type, and specific
scan, and click Download.
- Go to .
- In the Detailed Reports tab, enter the path of the local location where you want to save the results.
- Click Apply and then OK.
Downloading Results Using the Veracode Platform
- From the left navigation menu of your application, click Results.
- Click Download Report, and select Detailed XML Export (XML)
from the dropdown menu.
- Click Download. The report is provided as a zip file that contains the XML document and the associated XSD XML schema.
- In Visual Studio, go .
- Navigate to the location of the XML zip file that you downloaded from the Veracode Platform, and select it.
If you do not have the Reviewer role or the Results API role, you are not able to download scan results to Visual Studio by using the Veracode extension. However, if you have downloaded the scan results XML report from the Veracode Platform, you can view these results in Visual Studio.
To view scan results you previously downloaded from the Veracode Platform, go to the
Veracode menu and click View Results. Browse
to and select the XML results file to open in Visual Studio.
- Filter or search for discovered flaws.
- Double-click a flaw to open the source file (if the solution is open) and highlight the line that contains the flaw.
- Right-click a flaw to see other viewing options, such as viewing the call stack for that flaw.
- Right-click a flaw and select Show Details to display a window that contains the description of that flaw and remediation guidance.