Veracode
Veracode is an application security testing (AST) platform offering static analysis (SAST), dynamic analysis (DAST), software composition analysis (SCA), manual penetration testing, and developer security training. The Veracode Platform provides a comprehensive suite of REST APIs enabling organizations to automate security testing, access findings, manage policies, generate reports, and administer users and teams. All REST APIs use HMAC authentication with API ID/key credentials and return JSON responses following OpenAPI standards.
APIs
Veracode Applications REST API
The Applications REST API provides access to all applications in a Veracode portfolio, including application profiles, policy evaluations, sandboxes, and compliance status. Enab...
Veracode Findings REST API
The Findings REST API retrieves security findings from static, dynamic, manual penetration testing, and SCA scans for applications. Supports filtering by CWE, severity, scan typ...
Veracode Identity REST API
The Identity REST API manages users, teams, business units, roles, and API credentials for a Veracode organization. Provides CRUD operations for user accounts, API service accou...
Veracode Reporting REST API
The Reporting REST API generates asynchronous security reports for findings, scans, deleted scans, and audit events across the Veracode portfolio. Supports filtering by applicat...
Collections
GraphQL
Veracode GraphQL API
Veracode is an application security testing platform covering static analysis, dynamic analysis, SCA, and manual penetration testing. The API covers scan submissions, results, f...
GRAPHQL