Veracode 101

Veracode Integration Guide

Veracode 101

Veracode 101

Veracode is an application security company based in Burlington, Massachusetts. Founded in 2006, the company provides an automated cloud-based service for securing web, mobile and third-party enterprise applications. Veracode provides multiple security analysis technologies on a single platform, including static analysis, dynamic analysis, mobile application behavioral analysis and software composition analysis.

Generating API ID and Key Credentials

Enter Point :

Jenkins Plugin

    stage('Veracode Upload and Scan') {
      withCredentials([usernamePassword(credentialsId: 'veracode', passwordVariable: 'PASSWD', usernameVariable: 'USER')]) {
        veracode applicationName: 'xxx', 
        canFailJob: true, createProfile: true, criticality: 'VeryHigh', copyRemoteFiles: true,
        fileNamePattern: '', replacementPattern: '', sandboxName: '', scanExcludesPattern: '', scanIncludesPattern: '', 
        scanName: 'xxx', teams: 'xxx', timeout: 15, 
        uploadExcludesPattern: '', uploadIncludesPattern:  'target/*.jar',
        vid: xxx, vkey: xxx,
        vpassword: '$PASSWD', vuser: '$USER'

IntelliJ Plugin

Download Greenlight :
Download Static :

Install the Veracode Static IntelliJ Plugin


Downloading plugin for IntellJ:

Upload Binaries to Scan Using the Veracode IntelliJ Plugin

VS Code Extension

1. Generate your Veracode API ID and key on the Veracode Platform.

2. Run Command Prompt.

# Navigate to your user directory.
cd Users\<your username>
# Create a folder named ".veracode".
md .veracode
# Open Visual Studio Code and create a new file.
# Copy and paste the following template into the new file.

# [greenlight]
# veracode_api_key_id = <Your Veracode API ID>
# veracode_api_key_secret = <Your Veracode API Key>

# Replace the ID and key values in the template with your Veracode API ID and key. For example:

# Save the file as "credentials" with the "Save as type" set to "No Extension".

3. Return to Visual Studio Code and run a scan.

Scan a file with Veracode Greenlight through any of the following methods:

  • Save your file with auto-scan enabled.
  • Type **Ctrl + Shift + \ **(Windows) and **⌃ + ⇧ + \ **(macOS).
  • Run "Veracode: Scan with Greenlight" from the Command Palette.
  • Click the Greenlight icon in the file toolbar.
  • Right-click a file in the Explorer and select "Scan with Greenlight".