Veracode

PlexTrac supports importing Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA) findings from Veracode. Veracode is an application security company offering various security analysis technologies on a single platform, such as static, dynamic, and software composition analysis.

Field Mappings

Below are the field mappings from Veracode to PlexTrac, broken up by findings and assets. If a field is not listed, PlexTrac does not currently import it.

Tables include the following columns:

  • Veracode Field: the field name that appears in Veracode

  • PlexTrac Field: the field name that appears in PlexTrac

  • Direction: displays the direction in the flow of data occurring for the integration (a value of "x" means that the value is not imported)

SAST Finding Field Mappings

Veracode FieldDirectionPlexTrac Field

Vulnerability Name

-->

Finding Title

Description

-->

Description

Background

-->

Description

Delivery Consultant

-->

Custom Field

Exploitation Difficulty

-->

Custom Field

Remediation Effort

-->

Custom Field

Recommendations

-->

Recommendations

References

-->

References

CWE ID

-->

CWE ID

Flaw Severity

-->

Severity

Remediation Effort

-->

Finding Tag

Category

-->

Finding Tag

Exploit Difficulty

-->

Finding Tag

Finding Status

-->

Finding Tag

SAST Asset Field Mappings

Veracode FieldDirectionPlexTrac Field

File Path

-->

Asset Name

Application

-->

Parent Asset

Instance Details

-->

Asset Name

Line Number

-->

Asset Evidence

Function Prototype

-->

Asset Evidence

First Occurence

-->

Asset Evidence

Remediation Status

-->

Asset Evidence

Migration Status

-->

Asset Evidence

DAST Finding Field Mappings

Veracode FieldDirectionPlexTrac Field

Veracode

-->

PlexTrac

Dynamic Flaw

-->

Finding Title

Description

-->

Description

Background

-->

Description

Delivery Consultant

-->

Custom Field

Exploitation Difficulty

-->

Custom Field

Remediation Effort

-->

Finding Tag

Recommendations

-->

Recommendations

References

-->

References

CWE ID

-->

CWE ID

Flaw Severity

-->

Severity

Remediation Effort

-->

Finding Tag

Remediation

-->

Custom Field

Category

-->

Finding Tag

Category

-->

Custom Field

Exploit Difficulty

-->

Finding Tag

Exploit Difficulty

-->

Custom Tag

Finding Status

-->

Finding Tag

Finding Status

-->

Custom Tag

DAST Asset Field Mappings

Veracode FieldDirectionPlexTrac Field

File Path

-->

Asset Name

Application

-->

Parent Asset

Instance Details

-->

Asset Name

Line Number

-->

Asset Evidence

Function Prototype

-->

Asset Evidence

First Occurence

-->

Asset Evidence

Remediation Status

-->

Asset Evidence

Migration Status

-->

Asset Evidence

SCA Finding Field Mappings

Veracode FieldDirectionPlexTrac Field

CVE_Summary

-->

Finding Title

CVSS Data

-->

Score Type

CVSS Data

-->

Score Value

CVSS Data

-->

Vector

CVE ID

-->

CVE ID

SCA Asset Field Mappings

Veracode FieldDirectionPlexTrac Field

Library

-->

Asset Parent

App Name

-->

Asset Name

Last updated

© 2024 PlexTrac, Inc. All rights reserved.