App Sec Quick StartSKU#
Quantity (10) INT-APP provides: - Unlimited static analysis Assessments for up to 6 Customer Applications. The Application may be a Mobile Application. Customer Application is defined as a collection of uploaded files of up to 50MB or less in total size (Note: System libraries typically included as part of an operating systems distribution are not counted against the Customer Application size limit). - Dynamic analysis Assessment for 1 web Customer Application. A web Customer Application is defined as a single website domain with up to 5,000 associated web pages (Note: As an example, www.xyz.com, www.xyz.co.uk, www.xyz.net, www.veracode.com, analysiscenter.veracode.com would all be treated as separate Customer Applications ). Up to 2 dynamic analysis Assessments are allowed per quarter on the web Customer Application. -Following guardrails on usage apply: Dynamic: Up to a maximum of 5 URLs per week may be submitted for analysis, Static: Up to 10 Customer Applications per day if the automated upload api is being used. No limits on Customer Application submission rate if the submissions are done manually using the Veracode platform. If Customer Application size exceeds 50MB or 5000 pages, it is counted as 2 (or equivalent multiple) Applications. Technical Service Package - BRONZE Includes: 1) Up to 12 hours/yr utilized for API/integration Support, Upload and Result Review calls, Remediation Advice for Development Teams, and Mitigation Review for flaws. Unused Hours do not carry over from month to month. 2) Phone Support is available from 9 AM to 8 PM EST (excluding Holidays and Weekends). Case response time during hours for email and phone cases is 2 Business Days 3) Up to 3 tokens to be used for two-factor authentication. Quantity (2) Single eLearning Seat - Complete Package -34 courses total -combines all courses available in every other individual track into one package. Fundamentals Introductory Track: -contains an introductory selection of courses designed to provide all roles within a development or security organization a basic fundamental understanding of security concepts and the most common threats and vulnerabilities.. Awareness & Management Track: -contains a selection of courses designed to introduce development managers and executives to Application Security concepts and best practices. It first presents the concepts of threats and risks and describes how attackers tend to penetrate an organization's assets. More advanced courses then give managers the skills they need to understand common security problems, root causes of vulnerabilities, and process steps that can be taken to put their team on a solid security development footing. Design & Development Track: -designed for architects and developers, first introduces architects and developers to the concepts of secure architecture and then proceeds to more in-depth coverage of security best practices, common security threats, risk analysis, and the tools & technologies used to mitigate these risks. It also includes introductory and specialized courses that provide the deep, technical knowledge that developers need to address the most critical challenges of secure development in their development language, platform, and operating system of choice. Testing & Validation Track: -introduces QA & security testers to the different classes of security defects, lays the knowledge foundation for security testing, and presents specialized security testing techniques.