Veracode

Veracode Dynamic Analysis provides context around how an application responded to an attack and how it was exploited. Results are coupled with easy-to-follow remediation advice so developers can rapidly remediate vulnerabilities.

Internal Scan Management is a secure gateway that enables customers to scan applications that aren't directly reachable from the Internet, such as instances in testing or staging, or internal applications.

Veracode Dynamic Analysis can be integrated with build systems, such as Jenkins, or triggered through APIs to automatically scan applications in staging or production.

Veracode Discovery identifies every web application, not just those that fall within the known IP range. Veracode Discovery surfaces a comprehensive list of web applications using multiple inputs, such as domains and brand name keywords.

Organizations use Veracode Discovery alone or integrated with Veracode Dynamic Analysis to enable streamlined scanning of discovered assets. Veracode says that this combination enables security teams to prioritize which vulnerabilities should be fixed first.

Veracode Discovery can be used in security audits as part of the corporate due diligence workflow. Veracode Discovery enables teams to map out all web applications that are part of an acquired entity so that they can manage risk more effectively.

With Veracode Discovery, organizations regularly discover unmanaged websites that can be shut down, which reduces both the attack surface and operational costs.