Skip to main content
  • Community
  • Blog
  • Contact Us
  • Login
Home
  • Products
      1. Veracode Solution Portfolio
      2. Application Analysis
        1. Static Analysis (SAST)
        2. Software Composition Analysis (SCA)
        3. Interactive Analysis (IAST)
        4. Dynamic Analysis (DAST)
        5. Discovery
        6. Penetration Testing
      3. Developer Enablement
        1. Integrations
        2. Security Labs
        3. Remediation Guidance
        4. Developer Training
      4. AppSec Governance
        1. Policy & Reporting
        2. Remediation Management
        3. Analytics
        4. Veracode Verified
        5. Success Packages
  • Services
      1. Services & Support
        1. Application Security Consulting
        2. Technical Support
        3. Developer Training
        4. Security Program Management
        5. Customer Success Packages
        6. DevOps Penetration Testing
      2. Veracode Verified
        1. Verified
        2. Get Verified
        3. Verified Directory
  • Solutions
      1. Business Outcome
        1. Compete with Security
        2. Reduce Risk
        3. Scale Secure Software
        4. Meet Compliance
      2. Key Topics
        1. DevSecOps
        2. Integrations
        3. Security Certifications
        4. Web Application Scanning
  • Resources
      1. Resource Center
        1. Intro to AppSec
        2. Managing AppSec
        3. Secure Development
        4. Regulation
        5. Getting Internal Buy In
        6. Third Party Software
        7. Product Documentation
      2. Explore More
        1. Common Vulnerabilities
        2. Vulnerability Database
        3. Get a Demo
        4. Request A Quote
        5. Contact Sales
  • About
      1. Our Company
        1. Leadership
        2. Careers
        3. News & Events
      2. Partners
        1. Apply to Become a Partner
        2. Find a Partner
        3. Partner Community Login
        4. AWS Partnership
      3. Connect With Us
        1. Contact Us
        2. Blog
        3. Facebook
        4. LinkedIn
        5. Twitter
        6. YouTube
        7. Contact Sales
  • GET A DEMO
    • Blog
    • Contact Us
    • Community
    • Login
Get a Demo

Site Map

Show — Site Map Hide — Site Map
  • Products
    • Veracode Solution Portfolio
    • Application Analysis
      • Static Analysis (SAST)
      • Software Composition Analysis (SCA)
      • Interactive Analysis (IAST)
      • Dynamic Analysis (DAST)
      • Discovery
      • Penetration Testing
    • Developer Enablement
      • Integrations
      • Security Labs
      • Remediation Guidance
      • Developer Training
    • AppSec Governance
      • Policy & Reporting
      • Remediation Management
      • Analytics
      • Veracode Verified
      • Success Packages
  • Services
    • Services & Support
      • Application Security Consulting
      • Technical Support
      • Developer Training
      • Security Program Management
      • Customer Success Packages
      • DevOps Penetration Testing
    • Veracode Verified
      • Verified
      • Get Verified
      • Verified Directory
  • Solutions
    • Business Outcome
      • Compete with Security
      • Reduce Risk
      • Scale Secure Software
      • Meet Compliance
    • Key Topics
      • DevSecOps
      • Integrations
      • Security Certifications
      • Web Application Scanning
  • Resources
    • Resource Center
      • Intro to AppSec
      • Managing AppSec
      • Secure Development
      • Regulation
      • Getting Internal Buy In
      • Third Party Software
      • Product Documentation
    • Explore More
      • Common Vulnerabilities
      • Vulnerability Database
      • Get a Demo
      • Request A Quote
      • Contact Sales
  • About
    • Our Company
      • Leadership
      • Careers
      • News & Events
    • Partners
      • Apply to Become a Partner
      • Find a Partner
      • Partner Community Login
      • AWS Partnership
    • Connect With Us
      • Contact Us
      • Blog
      • Facebook
      • LinkedIn
      • Twitter
      • YouTube
      • Contact Sales

AppSec Knowledge Base

Show — AppSec Knowledge Base Hide — AppSec Knowledge Base

  • Application Security Basics

    • Agile Security
    • App Security Testing
    • Application Control Audit
    • Application Protection
    • Application Security Assessment
    • Application Security Best Practices
    • Application Security Risk
    • Application Security Tools
    • Application Testing Tool
    • Automated Web Testing
    • Automated Penetration Testing Tools
    • Black Box Analysis
    • Blackbox Test
    • Black Box Testing
    • Blackbox Testing Techniques
    • Cloud-based Security 
    • Code Review Tools
    • Code Security Analysis
    • CWE
    • DAST Test
    • Data Breach
    • Data Loss Prevention Guide
    • Data Security
    • Ethical Hacking
    • Gray Box Testing
    • IAST
    • Mobile app security testing
    • Network security tools
    • Open Source Risk
    • OWASP Testing Tools
    • OWASP Top 10
    • Penetration Testing
    • SaaS Application Security
    • SaaS Application Monitoring
    • SDLC Agile
    • Secure Applications
    • Security Review Software
    • Software Audit
    • Software Code Security
    • Software Security
    • Software Testing
    • Software Testing Process 
    • Software Testing Tools
    • Source Code Analysis
    • Source Code Security Analyzer
    • Static Analysis
    • Static Code Analysis
    • Third-Party Risk Assessment
    • Unit Testing
    • Vulnerability Assessment
    • Vulnerability Assessment Software
    • Vulnerability Management
    • Vulnerability Scanning Tools
    • Web App Penetration Testing
    • Web Application Audit
    • Web Application Monitoring
    • Web Application Scanning
    • Web Application Security Testing
    • Web Application Testing
    • Web Application
    • Web application scanner
    • Web pen testing
    • What is Third-Party Software?

  • AppSec Policies 

    • NIST Compliance
    • OWASP security
    • Secure Compliance
    • Web Application Security Standards
    • PCI Security

  • Advanced application security

    • Agile Software Development Lifecycle
    • Agile SDLC
    • Android Security
    • DAST Assessment
    • DevOps Security
    • DevOps Testing
    • DevSecOps
    • JavaScript Security
    • Linux Hacking
    • Microservices
    • Mobile App Testing
    • Ruby Security
    • Secure Development
    • Secure DevOps
    • Secure Web Application Development
    • Software Development Lifecycle (SDLC)
    • Web Application Penetration Testing
    • What is an integrated development environment

  • Development

    • Integrated Development Environment
    • Software containers
    • Software Testing Methodologies and Techniques
    • What is Systems Development Life Cycle

  • Web Application Flaws & Vulnerabilities

    • Application Vulnerability
    • ARP Spoofing
    • Buffer Overflow
    • Computer Worm
    • Credentials Management Flaws
    • CRLF Injection
    • Cross Site Scripting Prevention
    • Cross Site Scripting Vulnerability
    • Cross-Site Request Forgery
    • Cross-Site Scripting
    • CSRF Token
    • Directory Traversal
    • Encapsulation
    • Error Handling Flaws
    • Failure to Restrict URL Access
    • Insecure Cryptographic Storage
    • Insufficient Transport Layer Protection
    • Keylogger
    • LDAP Injection
    • Malicious Code
    • Man in the Middle Attack
    • Mobile Code Security
    • Open Source Vulnerabilities
    • OS Command Injection
    • PHP SQL injection test
    • Preventing XSS
    • Race Condition
    • Reflected XSS
    • Rootkit
    • Session management
    • Spoofing Attack
    • Spyware
    • SQL Injection Scanner
    • SQL Attacks
    • SQL Injection .NET
    • SQL cheat sheet
    • SQL Injection
    • What is a worm
    • What is SQL Injection

  • Remediation Guidance

    • JAVA

      • CWE 73: External Control of File Name or Path
      • CWE 78: OS Command Injection
      • CWE 80: Cross-Site Scripting
      • CWE 89: SQL Injection
      • CWE 117: Improper Output Sanitization for Logs
      • CWE 209: Information Exposure Through an Error Message
      • CWE 601: Open Redirects
      • CWE 639: Insecure Direct Object Reference

    • .NET

      • CWE 73: External Control of File Name or Path
      • CWE 78: OS Command Injection
      • CWE 80: Cross-Site Scripting
      • CWE 89: SQL Injection
      • CWE 117: Improper Output Sanitization for Logs
      • CWE 209: Information Exposure Through an Error Message
      • CWE 601: Open Redirects
      • CWE 915: Improperly Controlled Modification of Dynamically-Determined Object Attributes

  • Miscellaneous

    • Android Hacking
    • Facebook Security
    • iOS Security
    • Password Hacking
    • Role based access controls
    • Wireless Sniffer
    • Vendor Application Security Testing

Footer Menu

Show — Footer Menu Hide — Footer Menu
  • Products
    • Application Analysis
    • Developer Enablement
    • AppSec Governance
  • Services
    • Application Security Consulting
    • Technical Support
    • Developer Training
    • Customer Success Packages
    • DevOps Penetration Testing
  • Solutions
    • Compete with Security
    • Reduce Risk
    • Scale Secure Software
    • Meet Compliance
  • Resources
    • AppSec Knowledge Base
    • Intro to AppSec
    • Managing AppSec
    • Secure Development
    • Regulation
    • Getting Internal Buy In
    • Third Party Software
    • Product Documentation
  • About
    • Leadership
    • Careers
    • News & Events
    • Contact Us
    • Responsible Disclosure
Facebook logoTwitter logo
Linkedin logoYouTube logo

Quick links

Show — Quick links Hide — Quick links
  • Services
  • Resources
  • Get a demo
  • Blog

Sales : +1-888-937-0329

Support: +1-877-837-2203

UK: +44-(0)-20-3761-5501

Site Map |  Legal - Privacy |  Cloud Certifications
© 2020 VERACODE, All Rights Reserved 65 Network Drive, Burlington MA 01803

Veracode is the leading independent AppSec partner for creating secure software, reducing the risk of security breach, and increasing security and development teams’ productivity. As a result, companies using Veracode can move their business, and the world, forward. With its combination of process automation, integrations, speed, and responsiveness, Veracode helps companies get accurate and reliable results to focus their efforts on fixing, not just finding, potential vulnerabilities.

Veracode serves more than 2,500 customers worldwide across a wide range of industries. The Veracode solution has assessed more than 15 trillion lines of code and helped companies fix more than 51 million security flaws.

Learn more at www.veracode.com, on the Veracode blog and on Twitter.

Copyright © 2020 Veracode, Inc. All rights reserved. All other brand names, product names, or trademarks belong to their respective holders.