Using Veracode SCA upload scan results

You may want to review your application portfolio to determine which applications are passing or failing policy.

From Scans & Analysis > Software Composition Analysis, you can:

• Include SCA findings in your policy.
• View the vulnerability status of your applications.
• View all components in your portfolio by version, count, or number of known vulnerabilities.
• View all vulnerabilities in your portfolio by CVE and severity rating.

You can also review your Veracode Software Composition Analysis findings with the Findings REST API.