Skip to main content


Fix vulnerabilities faster with Veracode’s white box test tool

Veracode Static Analysis is a white box test technology that lets your developers quickly find and fix application security flaws without having to manage a complex app security testing solution.

While applications are at the center of business innovation, they are also the primary attack vector for malicious individuals seeking to breach your organization’s defenses. Application security must be a priority, but most solutions impact the speed of software development. As your development team works to turn out software faster than ever, implementing application security assessment solutions during the development lifecycle can be a challenge.

White box testing tools from Veracode can help. Veracode’s white box test solution finds common flaws in applications by creating a detailed model of the application’s data and control paths without actually executing the software. Veracode then searches the model for any path through the software that could represent a potential vulnerability like an SQL injection. Unlike other white box test solutions, Veracode’s patented binary static testing technology analyzes all code – including third-party software, components, and libraries – without needing to access the source code. That means you can use Veracode white box test to analyze major frameworks and languages and assess the code in software you buy or download as well as the applications you write.

An automated white box test solution

Veracode Static Analysis is an automated process that can deliver repeatable results. Unlike manual code reviews or penetration tests, Veracode’s white box test solution can test binaries, analyzing the data flow in compiled applications across proprietary and third-party components. That gives you the ability to test the security of the web, mobile, desktop and back-end applications, and to give your developers a prioritized list of vulnerabilities based on severity and the time required to fix them.

Veracode’s white-box test tool supports most application languages, including:

  • Java (Java SE, Java EE, JSP)
  • Web Platforms: JavaScript (including AngularJS, Node.js, and jQuery), Python, PHP, Ruby on Rails, ColdFusion, and Classic ASP
  • .NET (C#, ASP.NET, VB.NET)
  • C/C++ (Windows, RedHat Linux, OpenSUSE, Solaris)
  • Mobile Platforms: iOS (Objective-C and Swift), Android (Java), PhoneGap, Cordova, Titanium, Xamarin
  • Legacy Business Applications (COBOL, Visual Basic 6, RPG)

Benefits of Veracode’s white box test tool

With a white box testing solution from Veracode, you can:

  • Scale quickly to meet aggressive development deadlines without adding additional staff or requiring additional hardware or software.
  • Integrate application security into your software development lifecycle more easily.
  • Get support for difficult fixes with one-on-one remediation consultation with Veracode’s white box security experts.
  • Comply more easily with regulations and company policy.

Questions About Application Security?

Contact Us