Contact Us

Blog

Community

Veracode Community Partner Community

Login

Schedule a Demo

Products

Manage your entire AppSec program in a single platform.

Simplify vendor management and reporting with one holistic AppSec solution.

Empower developers to write secure code and fix security issues fast.

Get expertise and bandwidth from Veracode to help define, scale, and report on an AppSec program.

Products & Services

Veracode delivers the AppSec solutions and services today's software-driven world requires. Meet the needs of developers, satisfy reporting and assurance requirements for the business, and create secure software.

View Product

Application Analysis

Veracode simplifies AppSec programs by combining five application security analysis types in one solution, all integrated into the development pipeline.

Static Analysis (SAST) Software Composition Analysis (SCA) Dynamic Analysis (DAST) Discovery Penetration Testing

Developer Enablement

With automated, peer, and expert guidance, developers can fix – not just find – issues and reduce remediation time from 2.5 hours to 15 minutes.

Security Labs Security Labs Community Edition eLearning Customer Success Packages

AppSec Governance

AppSec programs can only be successful if all stakeholders value and support them. That’s why Veracode enables security teams to demonstrate the value of AppSec using proven metrics.

Analysis Center Discovery Customer Success Packages

Our Approach

Veracode gives you solid guidance, reliable and responsive solutions, and a proven roadmap for maturing your AppSec program. By increasing your security and development teams’ productivity, we help you confidently achieve your business objectives.

Achieve DevSecOps Security as an Advantage Reduce Risk Meet Compliance Executive Order on Cybersecurity

Financial Services Software & Technology Retail & Ecommerce Healthcare Government

Prove at a glance that you’ve made security a priority and that your program is backed by one of the most trusted names in the industry.

Program Overview Verified Directory Get Verified

Developers

Developer Center

Documentation Quick Start Guide Scan Code Integrations API Reference

AppSec Knowledgebase Vulnerability Database Developer Community Contact Support

Status Page Product News

Veracode provides workflow integrations, inline guidance, and hands-on labs to help you confidently secure your 0s and 1s without sacrificing speed.

Secure Code Training

Partner Ecosystem

Veracode’s comprehensive network of world-class partners helps customers confidently, and securely, develop software and accelerate their business.

Find a Partner

Solution Providers Global System Integrators Technology Alliances & Integrations

Expand your offerings and drive growth with Veracode’s market-leading AppSec solutions. Access powerful tools, training, and support to sharpen your competitive edge.

Partner Program Overview Become a Partner Visit Partner Community

APPLICATION SECURITY

Knowledge Base

Search Our Knowledge Base

AppSec Knowledgebase Categories >

Attacks

Application Attack Types

The following is an extensive library of security solutions articles and guides that are meant to be helpful and informative resources on a range of security solutions topics, from web application security to information and network security solutions to mobile and internet security solutions.

ARP Spoofing ARP spoofing is a type of attack in which a malicious actor sends falsified ARP (Address Resolution Protocol) messages over a local area network.

Computer Worm Computer worms are among the most common types of malware. They spread over computer networks by exploiting operating system vulnerabilities.

Keylogger Keyloggers or keystroke loggers are software programs or hardware devices that track the activities (keys pressed) of a keyboard. Keyloggers are a form of spyware where computer users are unaware their actions are being tracked.

Man-in-the-Middle Attack A man-in-the-middle (MITM) attack is a type of cyberattack where a malicious actor inserts him/herself into a conversation between two parties, impersonates both parties and gains access to information that the two parties were trying to send to each other.

Rootkit A rootkit is a computer program designed to provide privileged access to a computer while actively hiding its presence. Once a rootkit has been installed, the controller of the rootkit has the ability to remotely execute files and change system configurations on the host machine.

SQL InjectionSQL Injection is a type of attack that attempts to gain unauthorized access to your database through user input fields

Spoofing Attack A spoofing attack is when a malicious party impersonates another device or user on a network in order to launch attacks against network hosts, steal data, spread malware or bypass access controls.

Spyware Although it sounds like something James Bond would employ, spyware is all too real. Spyware is any software that installs itself on your computer and starts covertly monitoring your online behavior without your knowledge or permission.