Original Post: Announcing a Unified Veracode SAST and SCA IDE Plugin
Veracode has announced a new Integrated Development Environment (IDE) Plugin for VS Code, combining Veracode Static Analysis (SAST) and Software Composition Analysis (SCA) into one plugin. This plugin allows developers to swiftly scan projects for security weaknesses in both code and third-party libraries directly within the IDE, making security checks faster and easier. Early scanning reduces remediation costs and prevents flaws from reaching production. The plugin packages artifacts for the Veracode static scanner and delivers results back to the IDE, enabling developers to scan and fix issues before committing code. The results remain local and aren’t reported to the Veracode Platform. Additional Veracode integrations, such as the GitHub Workflow Integration, support build-breaking and reported scans triggered by source control events. The plugin is free for Veracode customers and includes configurable options, like vulnerability severity levels and dependency reporting. While currently available for VS Code, more IDE integrations are planned. Veracode invites users to leave feedback and requests for enhancements via the plugin. Veracode customers are encouraged to try the plugin, and demos are available for those new to Veracode.
Go here to read the Original Post