Here is a presentation about an secure CI workflow that I'm working on.
The key parts are the Veracode CLI developed (see veracode-api) and the couple Jenkins projects which use the Veracode engine in a 'concurrent scanner' model.
Let me know what you think of it:
