Step-by-step Tutorial on Setting up Veracode for a New Software Project

Setting up Veracode for a new software project is a crucial step in ensuring the security and integrity of your application. This tutorial guides you through the process step-by-step, from creating an account to running your first scan.

Step 1: Create a Veracode Account

Visit the Veracode website and sign up for a new account. You will need to provide your company details and contact information. Once registered, verify your email to activate your account.

Step 2: Log In and Access the Dashboard

Use your credentials to log into the Veracode platform. Upon login, you will see the dashboard, which provides access to various tools and options for your projects.

Step 3: Create a New Application Profile

Navigate to the “Applications” section and click on “Create Application.” Enter a name and description for your project. Select the appropriate language and technology stack to tailor the security scans.

Configure Application Settings

  • Set the application type (e.g., Java, .NET, Python)
  • Define the build method (manual upload or CI integration)
  • Specify the scan type (static, dynamic, or software composition analysis)

Step 4: Upload Your Code or Configure CI/CD Integration

You can upload your code directly through the platform or integrate Veracode with your Continuous Integration/Continuous Deployment (CI/CD) pipeline. For CI/CD, use the provided plugins and follow the API documentation to automate scans.

Step 5: Run Your First Scan

Once your application is configured, initiate a scan. Monitor the progress through the dashboard. After completion, review the detailed security findings and prioritize fixes.

Step 6: Review and Address Vulnerabilities

Analyze the scan report to identify vulnerabilities. Use Veracode’s guidance to remediate issues effectively. Re-scan as needed until your application meets security standards.
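
The following is an added example, not part of the original tutorial and not Veracode's own code: a build gate for the CI/CD integration in Step 4 and the re-scan loop in Step 6, which fails closed when the scan itself did not produce usable results. It assumes a results file shaped like the JSON written by Veracode's Pipeline Scan (a scan_status field and a findings array whose items carry a numeric severity, cwe_id, issue_type and files.source_file); the evaluate function, the fail_at threshold and the sample data are hypothetical, so check the field names against your own scan output.

```python
import json
import sys

# Veracode severity scale: 5 = Very High down to 0 = Informational.
# Field names used below are assumed from Pipeline Scan output; verify against yours.
SEVERITY_NAMES = {5: "Very High", 4: "High", 3: "Medium",
                  2: "Low", 1: "Very Low", 0: "Informational"}

def evaluate(results_text, fail_at=4):
    """Return (passed, reasons) for one scan result document."""
    try:
        doc = json.loads(results_text)
    except json.JSONDecodeError as exc:
        return False, [f"unreadable results: {exc.msg}"]
    # Fail closed: a missing or failed scan must not look like a clean one.
    if not isinstance(doc, dict) or doc.get("scan_status") != "SUCCESS":
        return False, ["scan did not complete successfully"]
    findings = doc.get("findings")
    if not isinstance(findings, list):
        return False, ["results contain no findings array"]
    reasons = []
    for f in findings:
        sev = f.get("severity") if isinstance(f, dict) else None
        if not isinstance(sev, int) or sev not in SEVERITY_NAMES:
            reasons.append("finding with unknown severity (treated as blocking)")
            continue
        if sev >= fail_at:
            src = (f.get("files") or {}).get("source_file") or {}
            reasons.append(f"{SEVERITY_NAMES[sev]}: CWE-{f.get('cwe_id')} "
                           f"{f.get('issue_type')} at {src.get('file')}:{src.get('line')}")
    return not reasons, reasons

# Constructed sample, not output from a real scan.
SAMPLE = json.dumps({
    "scan_status": "SUCCESS",
    "findings": [
        {"severity": 4, "cwe_id": "89", "issue_type": "SQL Injection",
         "files": {"source_file": {"file": "app/db.py", "line": 42}}},
        {"severity": 2, "cwe_id": "117", "issue_type": "Log Injection",
         "files": {"source_file": {"file": "app/log.py", "line": 7}}},
    ],
})

if __name__ == "__main__":
    ok, why = evaluate(SAMPLE)
    print("\n".join(why) or "gate passed")
    sys.exit(0 if ok else 1)
```

In a pipeline, the non-zero exit status is what stops the build; lowering fail_at tightens the gate as the backlog of findings is worked down.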

Conclusion

Setting up Veracode for your software project enhances your security posture from the start. Regular scans and prompt remediation help protect your application and your users. Follow these steps to integrate security into your development workflow seamlessly.