Veracode
PlexTrac supports importing Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA) findings from Veracode. Veracode is an application security company offering various security analysis technologies on a single platform, such as static, dynamic, and software composition analysis.
Field Mappings
Below are the field mappings from Veracode to PlexTrac, broken up by findings and assets. If a field is not listed, PlexTrac does not currently import it.
Tables include the following columns:
Veracode Field: the field name that appears in Veracode
PlexTrac Field: the field name that appears in PlexTrac
Direction: displays the direction in the flow of data occurring for the integration (a value of "x" means that the value is not imported)
SAST Finding Field Mappings
Veracode Field | Direction | PlexTrac Field |
---|---|---|
Vulnerability Name | --> | Finding Title |
Description | --> | Description |
Background | --> | Description |
Delivery Consultant | --> | Custom Field |
Exploitation Difficulty | --> | Custom Field |
Remediation Effort | --> | Custom Field |
Recommendations | --> | Recommendations |
References | --> | References |
CWE ID | --> | CWE ID |
Flaw Severity | --> | Severity |
Remediation Effort | --> | Finding Tag |
Category | --> | Finding Tag |
Exploit Difficulty | --> | Finding Tag |
Finding Status | --> | Finding Tag |
SAST Asset Field Mappings
Veracode Field | Direction | PlexTrac Field |
---|---|---|
File Path | --> | Asset Name |
Application | --> | Parent Asset |
Instance Details | --> | Asset Name |
Line Number | --> | Asset Evidence |
Function Prototype | --> | Asset Evidence |
First Occurence | --> | Asset Evidence |
Remediation Status | --> | Asset Evidence |
Migration Status | --> | Asset Evidence |
DAST Finding Field Mappings
Veracode Field | Direction | PlexTrac Field |
---|---|---|
Veracode | --> | PlexTrac |
Dynamic Flaw | --> | Finding Title |
Description | --> | Description |
Background | --> | Description |
Delivery Consultant | --> | Custom Field |
Exploitation Difficulty | --> | Custom Field |
Remediation Effort | --> | Finding Tag |
Recommendations | --> | Recommendations |
References | --> | References |
CWE ID | --> | CWE ID |
Flaw Severity | --> | Severity |
Remediation Effort | --> | Finding Tag |
Remediation | --> | Custom Field |
Category | --> | Finding Tag |
Category | --> | Custom Field |
Exploit Difficulty | --> | Finding Tag |
Exploit Difficulty | --> | Custom Tag |
Finding Status | --> | Finding Tag |
Finding Status | --> | Custom Tag |
DAST Asset Field Mappings
Veracode Field | Direction | PlexTrac Field |
---|---|---|
File Path | --> | Asset Name |
Application | --> | Parent Asset |
Instance Details | --> | Asset Name |
Line Number | --> | Asset Evidence |
Function Prototype | --> | Asset Evidence |
First Occurence | --> | Asset Evidence |
Remediation Status | --> | Asset Evidence |
Migration Status | --> | Asset Evidence |
SCA Finding Field Mappings
Veracode Field | Direction | PlexTrac Field |
---|---|---|
CVE_Summary | --> | Finding Title |
CVSS Data | --> | Score Type |
CVSS Data | --> | Score Value |
CVSS Data | --> | Vector |
CVE ID | --> | CVE ID |
SCA Asset Field Mappings
Veracode Field | Direction | PlexTrac Field |
---|---|---|
Library | --> | Asset Parent |
App Name | --> | Asset Name |
Last updated