

Veracode Scan Counts (Tjarrettveracode) - Identify Veracode application profiles with one or more static scans in an incomplete state.
Veracode Sandbox Mitigated Unique Findings (Ctcampbell) - This script will pull all open findings across all sandboxes for all applications and calculate which mitigated (proposed, accepted, or rejected) findings only exist in a single sandbox, and therefore may be deleted when the sandbox is deleted.
Veracode Policy Examples (Tjarrettveracode) - A collection of example application security "policies as code" that can be added to your Veracode organization account.
Veracode PDF Reports (Jphillips-vc) - Pulls latest PDF reports from Veracode for recent Static and Dynamic scans.

Veracode BCA Builder (Brian1917) - Shell script to generate the BCA package to scan an iOS app.
Veracode Mitigation Copier (Tjarrettveracode) - Copies mitigations from one Veracode profile to another if it's the same flaw based on the following flaw attributes: issueid, cweid, type, sourcefile, and line. The script will copy all proposed and accepted mitigations for the flaw. The script will skip a flaw in the copy_to build if it already has an accepted mitigation.
Veracode Break the Build by Severity (Christyson) - This project contains three Python scripts useful for working with Veracode projects in a build pipeline to break the build if any findings of a given severity or higher are found.
VcodeMitigationExpire (Brian1917) - Utility designed to be run on a regular cadence (e.g., weekly cron job) to expire mitigations. The types of mitigations, expiration references, and other settings are controlled in a JSON config file.
VcodeAutoMitigate (Brian1917) - Command line app that mitigates flaws in Veracode based on CWE, scan type, and specific text in the description.
Check Pass Fail (Christyson) - A simple example script to check pass/fail status of a Veracode app profile (or sandbox) or for a list of app profiles without sandboxes.
Veracode_Delete_Sandbox (Christyson) - A simple example script to delete a Sandbox if it exists in a Veracode application profile and you have the appropriate permissions.
Check Build Status (Christyson) - Script to check if an application profile in Veracode has a build running currently. It also provides an option to delete the build if there is one running.
User provisioning, management and deprovisioning
Automating common Veracode Platform tasks.
For a list of supported projects, please see the listing of projects on. These projects are community contributed and not supported by Veracode.
A collection of useful open source projects that integrate with the Veracode APIs to automate scanning, results retrieval and other tasks.
