- 1 Minute to read
- Print
- PDF
Veracode
- 1 Minute to read
- Print
- PDF
About this document
This document provides the step-by-step procedure to configure Veracode in SAFE.
Introduction
SAFE integrates with Veracode, and fetches the security misconfiguration of the Veracode account in SAFE.
Prerequisites
Access required in SAFE:
SAFE Admin Access
Access required in Veracode:
Veracode Admin Access
Required User Inputs:
API URL
API Secret
API ID
Asset Name in SAFE (optional)
Scope:
Admin Access
Generate Connection Details
How to generate API ID and Secret Key (API Key)
Log in to your Veracode account as Admin.
On the dashboard, click on the API Credentials button.
Click on the Generate API Credentials button.
The system generates and displays the API ID and Secret Key. Copy and save these credentials to use later while configuring the Veracode account in SAFE.
It's important to regularly update the credentials in SAFE according to their expiration date.
How to get API URL
Access the Veracode API documentation by clicking on the provided link.
Upon reaching the Veracode API documentation page, locate the section titled "Enable API access".
In the exhibit provided, find the base URL highlighted as 3. Copy and save the value and add “https://” to form the API Base URL to use it while configuring Veracode in SAFE.
Configuring Veracode in SAFE
Log in to your SAFE account as Admin.
Click Integrations from the left navigation.
Scroll to find the Veracode integration card or search for Veracode in the search bar.
Hover over the Veracode integration card and click on the Configure button.
Enter the following:
API URL
Secret Key
API ID
Asset Name in SAFE (optional) - Provide a unique identifier which can uniquely identify the asset
Enter the Auto Sync Frequency.
Click on the Test Connection button.
Once the connection is successful, click on the Save button.
Once the configuration is saved successfully, click on the Sync Now button to trigger an on-demand sync.
Upon a successful sync, the system pulls the Veracode assets and their findings in SAFE. You can track the status of the sync in the History table.
View Results
Go to the integration homepage.
Scroll to find the Veracode integration card or search for Veracode in the search bar.
Click on the Veracode integration card for Finding View and Asset View.
Finding View: This tab displays all the findings details pulled from Veracode.
Asset View: This tab displays all the assets pulled from Veracode.
History
Learn More about Integration History here.
SAFE's Outgoing IP Addresses
Click here to find the outgoing IP addresses of SAFE. All traffic to any integrations in SAFE will see one IP address as the source IP of the incoming connection.