We used it for initial discovery and analysis and for reviewing the product. We were doing a trial. We had uploaded code on the Veracode server for analysis. We used the cloud service or the cloud website where you could interact and identify the artifacts that you wanted to be reviewed, analyzed, and reported on. There was a plugin that we used with some of our IDs. It probably was Greenlight.
Veracode is a leading provider of application security solutions, offering tools to identify, mitigate, and prevent vulnerabilities across the software development lifecycle. Its cloud-based platform integrates security into DevOps workflows, helping organizations ensure that their code remains secure and compliant with industry standards.
Veracode supports multiple application security testing types, including static analysis (SAST), dynamic analysis (DAST), software composition analysis...
I'm the manager of DevOps and cloud architecture.
Our development team use this solution for static code analysis and pen testing.
We used it for initial discovery and analysis and for reviewing the product. We were doing a trial. We had uploaded code on the Veracode server for analysis. We used the cloud service or the cloud website where you could interact and identify the artifacts that you wanted to be reviewed, analyzed, and reported on. There was a plugin that we used with some of our IDs. It probably was Greenlight.