Uploading Files to a Scan

IDEs

After creating a Veracode build of your application using the Veracode Visual Studio Extension, you can upload the build to a new application or existing application profile in your Veracode portfolio.

To upload a build to a new application:
  1. Go to the Veracode menu and select Upload and Scan.
  2. If prompted, enter your Veracode API credentials, either your username/password or ID/key combination. Select the checkbox to store your credentials so that you only have to enter them once.

  3. In the Upload and Scan window, select the application from the dropdown if it already exists in the Veracode Platform, or click Add Application.
    Upload your Veracode application build
  4. Complete all the fields in the Add Application window, and click Save.

    In the Upload and Scan window, the application you just added is preselected and the Create Scan window automatically appears.
    Select the files to scan

  5. Enter the name of the new scan and optional parameters and click Create. If you want to change the scan type, you have to go back to the Upload and Scan window to change it and then click Create Scan again.
  6. In the Solution Files pane, select the solution files you want to upload.
  7. If necessary, select any files in the Additional Files section that you also want to scan, including additional application components that are not built in the solution, such as compiled files from another solution or components built in another language.
  8. Click Upload.

    You can see all the files you have uploaded and delete any files that you do not want to scan.

  9. At the prompt, click OK to start the prescan of the files when the upload is complete. If you click No, you have to select Start Prescan link on the Upload and Scan page.

  10. After the prescan verification completes successfully, the scan begins automatically.
  11. If there is an error in the prescan, you receive an error. If this happens, click View Prescan Results in the Upload and Scan window, and in the Prescan Verification Results window, select the files you want to scan. Select the modules that are independent components that should be scanned in their entirety. Leave third-party components or dependencies unselected.
    Select the files to scan
  12. Click Yes to start the scan.
Note: If you encounter an error when you upload a build, go to Tools > Options > Source Control > Environment > Checked-in items > and verify that Saving and Editing are set to Check out automatically.