Veracode, a SaaS-based application security (AppSec) provider, offers multiple scan types including static analysis (SAST), dynamic analysis (DAST), software composition analysis (SCA), interactive analysis (IAST), and penetration testing. Veracode Software Composition Analysis enables developers to take advantage of open source libraries without increasing the risk of a cyberattack. Veracode uses data mining, natural language processing, and machine learning to grow its SCA database.