Our primary use case for Veracode is SAST and SCA in our SDLC pipelines. We also use it for DAST on a periodic basis and time-based scans on our staging system. We use the trading modules for certifying all our developers annually.
In addition, we use Veracode to scan within our build's pipeline. We do use Greenlight, which is their IDE solution for prevention of issues of vulnerabilities.
we are FedRAMP certified as a company, so we use this as part of our certification process for Veracode ISO 27001 and various other certifications we have.