Using the VAST Program

Third-Party Application Security Testing

The Veracode Vendor Application Security Testing (VAST) program helps enterprises better understand and reduce the security risks associated with using vendor-supplied software.

Editing the VAST Vendor Application

Enterprise clients can edit the Profile and Metadata pages of a vendor application to collect useful metadata.

Enterprise users who have the Creator or Security Lead role can edit the following fields in the application Profile or Metadata pages of a vendor application:
  • Application Name
  • Description
  • Tags
  • Business Unit
  • Business Owner
  • Owner Email
  • Visibility
  • Industry
  • Application Purpose
  • Deployment Method
  • Archer Application Name
  • Custom fields
Note: You cannot edit the profile or metadata of a VAST vendor application by using the Veracode APIs.