The Vulnerability Response Integration with Veracode application uses
data imported from the Veracode product to help you determine the impact and
priority of flaws in your code.
Veracode Vulnerability Integration
The Veracode product collects scanner data and makes that data available to
the Now Platform®. It easily integrates with the Application Vulnerability Response feature of Vulnerability Response to map
third-party vulnerabilities enriching the data in your instance.
There is a configured run-as user for each integration record. The default value for this
user is VR.System. Do not change this value.
Every day, scheduled jobs invoke the integrations automatically in the order they are
listed. You can also execute individual scheduled jobs manually. Scheduled jobs simplify the
vulnerability remediation life cycle by keeping the instance synchronized with other
vulnerability management systems.
Veracode Vulnerability Integrations
To view the Veracode vulnerability integrations, navigate to .
The following integrations are included in the base system. Only the Veracode Application List Integration integration is active, by default.
Table 1. Veracode Vulnerability Integrations
| Integration |
Description |
| Veracode Application List Integration |
Retrieves Veracode application scanner data (vulnerabilities,
metadata) and enriches your application data. This integration is set to run daily
at 00:00:00. |
| Veracode Scan Summary |
Retrieves scan records from Veracode. This integration is
chained to run following the Veracode Application List Integration
when activated. |
| Veracode Application Vulnerable Item Integration |
Retrieves scan results from Veracode, inserts AVIs and
enriches your third-party vulnerability data. This integration is chained to run
following the Veracode Scan Summary integration when
activated. |
For integration run statuses see, View the Veracode Vulnerability Integration import run status.
To view data in third-party vulnerabilities, see View vulnerability libraries.
