Veracode
PlexTrac supports importing XML files from Veracode. Veracode is an application security company offering various security analysis technologies on a single platform, such as static, dynamic, and software composition analysis.
Field Mappings
Below are the field mappings from Veracode to PlexTrac, broken up by findings and assets. If a field is not listed, PlexTrac does not currently import it.
Tables include the following columns:
Veracode Field: the field name that appears in Veracode
PlexTrac Field: the field name that appears in PlexTrac
Direction: displays the direction in the flow of data occurring for the integration (a value of "x" means that the value is not imported)
Finding Field Mappings
| Veracode Field | Direction | PlexTrac Field |
|---|---|---|
Vulnerability Name | --> | Finding Title |
Description | --> | Description |
Background | --> | Description |
Delivery Consultant | --> | Custom Field |
Exploitation Difficulty | --> | Custom Field |
Remediation Effort | --> | Custom Field |
Recommendations | --> | Recommendations |
References | --> | References |
CWE ID | --> | CWE ID |
Flaw Severity | --> | Severity |
Remediation Effort | --> | Finding Tag |
Category | --> | Finding Tag |
Exploit Difficulty | --> | Finding Tag |
Finding Status | --> | Finding Tag |
Asset Field Mappings
| Veracode Field | Direction | PlexTrac Field |
|---|---|---|
File Path | --> | Asset Name |
Application | --> | Parent Asset |
Instance Details | --> | Asset Name |
Line Number | --> | Asset Evidence |
Function Prototype | --> | Asset Evidence |
First Occurence | --> | Asset Evidence |
Remediation Status | --> | Asset Evidence |
Migration Status | --> | Asset Evidence |
Last updated
