# Veracode
PlexTrac supports importing Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA) findings from **Veracode**. Veracode is an application security company offering various security analysis technologies on a single platform, such as static, dynamic, and software composition analysis.
Based on the provided XML from the Veracode file, PlexTrac will automatically apply a tag to indicate whether the findings resulted from a SAST, DAST, or SCA scan.
## Field Mappings
Below are the field mappings from Veracode to PlexTrac, broken up by findings and assets. If a field is not listed, PlexTrac does not currently import it.
Tables include the following columns:
* **Veracode Field:** the field name that appears in Veracode
* **PlexTrac Field:** the field name that appears in PlexTrac
* **Direction:** displays the direction in the flow of data occurring for the integration (a value of "x" means that the value is not imported)
### SAST Finding Field Mappings
| Veracode Field | Direction | PlexTrac Field |
|---|
| Vulnerability Name | --> | Finding Title |
| Description | --> | Description |
| Background | --> | Description |
| Delivery Consultant | --> | Custom Field |
| Exploitation Difficulty | --> | Custom Field |
| Remediation Effort | --> | Custom Field |
| Recommendations | --> | Recommendations |
| References | --> | References |
| CWE ID | --> | CWE ID |
| Flaw Severity | --> | Severity |
| Remediation Effort | --> | Finding Tag |
| Category | --> | Finding Tag |
| Exploit Difficulty | --> | Finding Tag |
| Finding Status | --> | Finding Tag |
| Source Veracode | --> | Finding Tag |
### SAST Asset Field Mappings
| Veracode Field | Direction | PlexTrac Field |
| ------------------ | :-------: | -------------- |
| File Path | --> | Asset Name |
| Application | --> | Parent Asset |
| Instance Details | --> | Asset Name |
| Line Number | --> | Asset Evidence |
| Function Prototype | --> | Asset Evidence |
| First Occurence | --> | Asset Evidence |
| Remediation Status | --> | Asset Evidence |
| Migration Status | --> | Asset Evidence |
### DAST Finding Field Mappings
| Veracode Field | Direction | PlexTrac Field |
|---|
| Veracode | --> | PlexTrac |
| Dynamic Flaw | --> | Finding Title |
| Description | --> | Description |
| Background | --> | Description |
| Delivery Consultant | --> | Custom Field |
| Exploitation Difficulty | --> | Custom Field |
| Remediation Effort | --> | Finding Tag |
| Recommendations | --> | Recommendations |
| References | --> | References |
| CWE ID | --> | CWE ID |
| Flaw Severity | --> | Severity |
| Remediation Effort | --> | Finding Tag |
| Remediation | --> | Custom Field |
| Category | --> | Finding Tag |
| Category | --> | Custom Field |
| Exploit Difficulty | --> | Finding Tag |
| Exploit Difficulty | --> | Custom Tag |
| Finding Status | --> | Finding Tag |
| Finding Status | --> | Custom Tag |
| Source Veracode | --> | Finding Tag |
### DAST Asset Field Mappings
| Veracode Field | Direction | PlexTrac Field |
| ------------------ | :-------: | -------------- |
| File Path | --> | Asset Name |
| Application | --> | Parent Asset |
| Instance Details | --> | Asset Name |
| Line Number | --> | Asset Evidence |
| Function Prototype | --> | Asset Evidence |
| First Occurence | --> | Asset Evidence |
| Remediation Status | --> | Asset Evidence |
| Migration Status | --> | Asset Evidence |
### SCA Finding Field Mappings
| Veracode Field | Direction | PlexTrac Field |
| --------------- | :-------: | -------------- |
| CVE\_Summary | --> | Finding Title |
| CVSS Data | --> | Score Type |
| CVSS Data | --> | Score Value |
| CVSS Data | --> | Vector |
| CVE ID | --> | CVE ID |
| Source Veracode | --> | Finding Tag |
### SCA Asset Field Mappings
| Veracode Field | Direction | PlexTrac Field |
| -------------- | :-------: | -------------- |
| Library | --> | Asset Parent |
| App Name | --> | Asset Name |
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.plextrac.com/plextrac-documentation/product-documentation-1/integrations-and-file-imports/veracode.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.