Veracode Integration with JupiterOne - AskJ1 Community
<main> <article class="userContent"> <h2 data-id="veracode-jupiterone-integration-benefits">Veracode + JupiterOne Integration Benefits</h2> <ul><li><p>Visualize Veracode application scan results, CWEs, and findings in the<br> JupiterOne graph.</p></li> <li><p>Map Veracode findings to a code repo, project, or application in your<br> JupiterOne account.</p></li> <li><p>Monitor Veracode CWEs and findings within J1 Alerts.</p></li> <li>Monitor changes to Veracode application scans (known as assessments in J1)<br> using JupiterOne alerts.</li> </ul><h2 data-id="how-it-works">How it Works</h2> <ul><li><p>JupiterOne periodically fetches Veracode application scan (assessment)<br> results, CWEs, and findings to update the graph.</p></li> <li><p>Write JupiterOne queries to review and monitor updates to the graph.</p></li> <li>Configure alerts to reduce the noise of findings.</li> <li>Configure alerts to take action when the JupiterOne graph changes.</li> </ul><h2 data-id="requirements">Requirements</h2> <ul><li>You must have administrator access in Veracode to create the least-privileged<br> access<br><a rel="nofollow" href="https://docs.veracode.com/r/c_about_veracode_accounts">API service account</a><br> that the integration uses.</li> </ul><h2 data-id="support">Support</h2> <p>If you need help with this integration, contact<br><a rel="nofollow" href="https://support.jupiterone.io">JupiterOne Support</a>.</p> <h2 data-id="integration-walkthrough">Integration Walkthrough</h2> <h3 data-id="in-veracode">In Veracode</h3> <p>The integration instance configuration requires the customer's API ID and secret<br> key to authenticate requests to the Veracode REST APIs. 
To do this in a<br> least-privileged access manner, do the following:</p> <ol><li>Using a Veracode account with admin permissions, create an<br><a rel="nofollow" href="https://docs.veracode.com/r/c_about_veracode_accounts">API service account</a></li> </ol><ul><li><p>At the time of this writing, user creation can be done by clicking the<br> Settings button (top-right) => Admin => Add New User.</p></li> <li><p>Be sure to select the <code class="code codeInline" spellcheck="false" tabindex="0">Non-Human User</code> checkbox, and enter an email you have<br> access to. You will log in as the integration to generate keys scoped to the<br> limited permission set.</p></li> <li><p>In <code class="code codeInline" spellcheck="false" tabindex="0">Access Settings</code>, enable the <code class="code codeInline" spellcheck="false" tabindex="0">Results API</code> option.</p></li> <li><p>Enter a username, first/last name of your choice. We recommend it clearly<br> indicates that the user is being used for a JupiterOne Integration.</p></li> <li><p>Be sure to have <code class="code codeInline" spellcheck="false" tabindex="0">Login Enabled</code> set to <code class="code codeInline" spellcheck="false" tabindex="0">Yes</code>. 
Setting to <code class="code codeInline" spellcheck="false" tabindex="0">No</code> does not send<br> your email an activation link.</p></li> </ul><ol start="2"><li>After activating your integration's API Service Account and setting your<br> password, log in as the integration.</li> </ol><ul><li>Be sure to verify you are logged in as the integration by going to the<br><code class="code codeInline" spellcheck="false" tabindex="0">Your Account</code> page in the Veracode UI.</li> </ul><ol start="3"><li>Generate your API keys for the integration.</li> </ol><ul><li><p>Select the user icon in the top-right (same place you find the <code class="code codeInline" spellcheck="false" tabindex="0">Your Account</code><br> button).</p></li> <li><p>Select <code class="code codeInline" spellcheck="false" tabindex="0">API Credentials</code> => <code class="code codeInline" spellcheck="false" tabindex="0">Generate API Credentials</code>.</p></li> <li>Copy your API ID and secret key contents (note that this only displays once at<br> generation).</li> </ul><ol start="4"><li>Note that by default, your keys expire after one year. If you have expired<br> keys, re-generate and update your integration in JupiterOne.</li> </ol><h3 data-id="in-jupiterone">In JupiterOne</h3> <ol><li>From the configuration <strong>Gear Icon</strong>, select <strong>Integrations</strong>.</li> <li>Scroll to and click the <strong>Veracode</strong> integration tile.</li> <li>Click <strong>Add Configuration</strong> and configure the following settings:</li> </ol><ul><li><p>Enter the <strong>Account Name</strong> by which you want to identify this Veracode account<br> in JupiterOne. 
Ingested entities store the value <code class="code codeInline" spellcheck="false" tabindex="0">tag.AccountName</code> when <strong>Tag<br> with Account Name</strong> is selected.</p></li> <li><p>Enter a <strong>Description</strong> that helps your team identify the integration<br> instance.</p></li> <li><p>Select a <strong>Polling Interval</strong> that is sufficient for your monitoring<br> requirements. You can leave this as <code class="code codeInline" spellcheck="false" tabindex="0">DISABLED</code> and manually execute the<br> integration.</p></li> <li><p>Enter the <strong>API ID</strong> used to authenticate with Veracode.</p></li> <li>Enter the <strong>API Secret</strong> used to authenticate with Veracode.</li> </ul><ol start="4"><li>Click <strong>Create Configuration</strong> after you have entered all values.</li> </ol><h1 data-id="how-to-uninstall">How to Uninstall</h1> <ol><li>From the configuration <strong>Gear Icon</strong>, select <strong>Integrations</strong>.</li> <li>Scroll to and click the <strong>Veracode</strong> integration.</li> <li>Identify and click the <strong>integration to delete</strong>.</li> <li>Click the <strong>trash can</strong> icon.</li> <li>Click the <strong>Remove</strong> button to delete the integration.</li> <li>We recommend you revoke the API keys for the <code class="code codeInline" spellcheck="false" tabindex="0">API Service Account</code> you<br> created in Veracode.</li> </ol><h2 data-id="data-model">Data Model</h2> <h3 data-id="entities">Entities</h3> <p>The following entities are created:</p> <table><thead><tr><th>Resources</th> <th>Entity <code class="code codeInline" spellcheck="false" tabindex="0">_type</code></th> <th>Entity <code class="code codeInline" spellcheck="false" tabindex="0">_class</code></th> </tr></thead><tbody><tr><td>Account</td> <td><code class="code codeInline" spellcheck="false" tabindex="0">veracode_account</code></td> <td><code class="code codeInline" spellcheck="false" 
tabindex="0">Account</code></td> </tr><tr><td>Assessment</td> <td><code class="code codeInline" spellcheck="false" tabindex="0">veracode_assessment</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">Assessment</code></td> </tr><tr><td>Finding</td> <td><code class="code codeInline" spellcheck="false" tabindex="0">veracode_finding</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">Finding</code></td> </tr><tr><td>Project</td> <td><code class="code codeInline" spellcheck="false" tabindex="0">veracode_project</code></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">Project</code></td> </tr></tbody></table><h3 data-id="relationships">Relationships</h3> <p>The following relationships are created:</p> <table><thead><tr><th>Source Entity <code class="code codeInline" spellcheck="false" tabindex="0">_type</code></th> <th>Relationship <code class="code codeInline" spellcheck="false" tabindex="0">_class</code></th> <th>Target Entity <code class="code codeInline" spellcheck="false" tabindex="0">_type</code></th> </tr></thead><tbody><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">veracode_account</code></td> <td><strong>HAS</strong></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">veracode_project</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">veracode_assessment</code></td> <td><strong>IDENTIFIED</strong></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">veracode_finding</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">veracode_project</code></td> <td><strong>HAS</strong></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">veracode_assessment</code></td> </tr><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">veracode_project</code></td> <td><strong>HAS</strong></td> <td><code class="code codeInline" spellcheck="false" 
tabindex="0">veracode_finding</code></td> </tr></tbody></table><h3 data-id="mapped-relationships">Mapped Relationships</h3> <p>The following mapped relationships are created:</p> <table><thead><tr><th>Source Entity <code class="code codeInline" spellcheck="false" tabindex="0">_type</code></th> <th>Relationship <code class="code codeInline" spellcheck="false" tabindex="0">_class</code></th> <th>Target Entity <code class="code codeInline" spellcheck="false" tabindex="0">_type</code></th> <th>Direction</th> </tr></thead><tbody><tr><td><code class="code codeInline" spellcheck="false" tabindex="0">veracode_finding</code></td> <td><strong>EXPLOITS</strong></td> <td><code class="code codeInline" spellcheck="false" tabindex="0">*cwe*</code></td> <td>FORWARD</td> </tr></tbody></table> </article> </main>
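<p>Added example (not part of the original JupiterOne documentation): a J1QL query that walks only the relationships listed in the Data Model tables, from project through assessment and finding to the mapped CWE, and counts open findings per group. It assumes the ingested findings expose <code>open</code> and <code>severity</code> properties and that the mapped CWE entity has <code>_type</code> <code>cwe</code>; confirm both against your own graph before using it in an alert rule.</p>

```j1ql
/* Added example, not the integration's own query.
   Traversal follows the documented relationships:
     veracode_project    HAS        veracode_assessment
     veracode_assessment IDENTIFIED veracode_finding
     veracode_finding    EXPLOITS   cwe   (mapped, FORWARD)
   Assumptions: findings have `open` and `severity` properties,
   and the mapped CWE entity _type is `cwe`. */
FIND veracode_project AS p
  THAT HAS veracode_assessment AS a
  THAT IDENTIFIED veracode_finding WITH open = true AS f
  THAT EXPLOITS cwe AS c
RETURN
  p.name AS project,
  a.name AS assessment,
  c.name AS cwe,
  f.severity AS severity,
  count(f) AS openFindings
```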