Skip to main content


Protect your software with an app vulnerability scanner.

At a time when web applications have become the #1 attack vector for cyber criminals, an app vulnerability scanner is a must-have technology for IT security teams.

An app vulnerability scanner can help to ensure that applications are free from the flaws and weaknesses that hackers use to gain access to sensitive information. From backdoors, malicious code and other threats, these flaws may be present both in commercial and open source applications as well as software developed in-house.

Traditionally, vulnerability scanning technology has been expensive and labor-intensive, requiring dedicated on-premise software and hardware along with the staff to operate and maintain it. And because vulnerabilities like those in the Common Weakness Enumeration (CWE) may be found in applications built, bought or assembled, a superior app vulnerability scanner must be able to evaluate applications where the source code is available, as well as applications where it is not. That’s why so many organizations choose app vulnerability scanner services from CA Veracode.

Reduce Your Risk From Open Source Components

Learn About Software Composition Analysis

Read More

An on-demand app vulnerability scanner from CA Veracode.

CA Veracode provides solutions that help to protect the software that enterprises rely on for business-critical operations. Built on a secure cloud platform, CA Veracode’s application testing services enable organizations to integrate security quickly and easily into the software development process. Rather than waiting until a separate security hardening stage late in the development cycle, CA Veracode’s app vulnerability scanner and website vulnerability scanner technology lets organizations find and fix flaws at any point in the development process where it is easiest and most cost-efficient to do so.

To use CA Veracode’s app vulnerability scanner, developers or IT administrators simply submit an application to CA Veracode through an online platform and get results within several hours. Each report prioritizes fixes based on severity of the flaw, the business objectives of the enterprise, and the level of risk tolerance. This enables developers to spend their time fixing most important things first, increasing productivity and bringing products to market faster.

An app vulnerability scanner with multiple testing techniques.

CA Veracode’s app vulnerability scanner combines a number of powerful technologies to provide a comprehensive approach to application security. These include

  • Static Analysis (SAST) tools to scan compiled binaries to find flaws in web, mobile and desktop Blackbox Test applications.
  • Dynamic Analysis (DAST) tools for superior blackboxtesting.
  • Vendor Application Security Testing (VAST) tools to support third party risk assessment.
  • CA Veracode Greenlight, a service that provides contextual recommendations and security alerts while developers are in the process of writing code.
  • Software Composition Analysis tools for identifying and cataloging flaws in commercial and open source software.

Learn more about CA Veracode’s app vulnerability scanner, and about CA Veracode’s shellshock vulnerability test.