What do I scan when changing code in Veracode?

Meri Harutyunyan - PeerSpot reviewer

1 Answer

Real User
Sep 13, 2023

After the first full scan with Veracode SAST, when you change something in the code, you can choose to scan the code again entirely or only the changes.

  • Scanning the code again completely

This option may be the most comprehensive, as it will identify all potential security vulnerabilities, even those introduced in the most recent changes. However, they say that this option can be time-consuming and resource-intensive.

  • Scanning only the changes

This option may be faster, and it could be the more efficient option, as it will only identify the potential security vulnerabilities that were introduced in the most recent changes. However, it may not identify all of the potential security vulnerabilities.

The best option for you will depend on your circumstances. If you are concerned about missing any potential security vulnerabilities, then scanning the code again completely may be best. However, if you are looking for a faster and more efficient option, scanning only the changes may be the option you can choose.

Veracode is a leading application security platform that helps organizations to develop and deliver secure software. Veracode's solution provides comprehensive capabilities for static analysis, dynamic analysis, software composition analysis, and manual penetration testing. Veracode's static analysis solution scans source code for various security vulnerabilities, including common web application attack vectors, injection flaws, cross-site scripting, and insecure direct object references....