Welcome to 2014.5!

The fifth Veracode platform release of 2014, which focuses on improved coverage and scanning ease of use for Veracode customers. It adds static coverage for Android 4.4 applications and .NET applications using Telerik, improves static coverage for iOS and Ruby applications, and improves the coverage of Discovery by adding copyright identification. Additionally, this release introduces the static auto-scan feature and provides new support of the IE10 browser. As always, there are also improvements for the core platform, MARS, and code security usability.

Release Notes

Code Security - Coverage

Android Support
Veracode now supports Java applications written for Android 4.4 API Level 19.
Veracode now has enhanced support for the Telerik framework. You will see improved scan results for .NET applications that use the Telerik library and a shift from non-actionable flaws in third-party code to actionable flaws at the API call sites in first-party code.
Internet Explorer 10
Veracode has added IE10 to its list of supported browsers.
iOS and Ruby Results
Static scanning is enhanced to improve scan accuracy for iOS and Ruby applications.

Code Security - Usability

Detailed XML Report
The detailed report XML file now includes information about the sandbox in which a scan was performed.
The Analytics dashboards now correctly summarize the severity for manual flaws.
When selected, this new feature enables Veracode to automatically select the top-level modules from the files you upload and, following a successful prescan, proceed directly with the full scan. The Auto-Scan feature saves you time and introduces more automation to the scan process.

Web Application Security

Discovery Reports - HTML Page Titles
The Discovery reports now include the HTML titles of the websites found by Discovery, which enables you to identify site ownership, confidence, and ideal scan candidates.
Discovery Reports - Copyright Data
The Discovery reports also include the copyright company and date to help you identify site ownership and legacy sites.
Source IP Information
You can now find details in the Help Center about the source IP addresses for Discovery web crawling. Click the More links on the DynamicMP and Discovery scan configuration pages to go to the Help Center pages that list this IP address information.


Summary Transcript
eLearning users that selected to download the Summary Transcript have received errors in the past. This issue is now fixed and you can successfully download the PDF.

Mobile Application Reputation Service (MARS)

iOS My Apps Upload Messaging
The My Apps Upload messaging for non-US iTunes apps is updated to provide users additional information regarding upload failures.
PDF Reports
There is now a System Profile section in the MARS PDF reports, and we have reorganized the layout of the Methodology content.
Web Reports Download
We have added a download log capability within the web reports System Profile tab.
Help Menu
This release introduces a Help menu item to the user interface.

Tim Jarrett is Senior Director of Product Marketing at Veracode. A Grammy-award winning product professional, he joined Veracode in 2008 and has a Bacon number of 3. He can be found on Twitter as @tojarrett.

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.




contact menu