- SAP Community
- Groups
- Interest Groups
- Application Development
- Discussions
- security-based code validation products?
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
security-based code validation products?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-12-2007 7:51 PM
My company is planning on using third-party ABAP development services and because if this, a concern has been raised about the risk of malicious code being inserted into delivered code.
The question has been raised -- Is there a product that can scan ABAP code looking for known vulnerabilities? Any pointers or suggestions are appreciated.
Thanks in advance.
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-12-2007 9:04 PM
Hi Joseph,
Interesting question - I don't recall seeing anything on the market for this, though maybe someone in the ABAP forum may have a better idea.
A previous client in a similar situation went through code review to try and catch obvious stuff but that's not exactly infallible.
Good luck in finding a solution & let us know if you find anything.
Cheers
Alex
- SAP Managed Tags:
- Security
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-14-2007 3:53 PM
I've answered the same question on the asug.com site.
If you're an ASUG member, you can read the thread here:
Briefly, perhaps try transaction SCI.
Jim- SAP Managed Tags:
- Security
