
Some areas require the utmost protection.

Source code analysis: ensuring the security of your custom software.


For years, companies have been using an ever-greater proportion of custom applications and third-party add-ons for SAP systems. But how secure are they?

In such cases, using suitable tools to check these applications for security flaws and risks is highly recommended. And the best part? Your SAP NetWeaver license already includes SAP Code Inspector and ABAP Test Cockpit - two tools that constitute fundamental components of high-quality software development.

Our experts will help you combine them with the over 40 additional code-checking rules SAST SUITE provides, thus establishing a complete and sophisticated rule package that will reveal the security vulnerabilities in your systems. In addition, the clearly prioritized recommendations we offer will serve as an ideal basis for gradually addressing any critical findings.

At a glance

  • Initial workshop (situational assessment, guidelines, process)
  • Introduction and activation of SAST's additional checking rules (around 40 checks defined in terms of their target content)
  • Findings prioritized by severity (notifications, warnings requiring expert review, highly critical flaws)
  • SAP Code Vulnerability Analyzer (CVA) not required; the SAST Suite package includes all relevant checking rules
  • Optional: Developer workshops on achieving long-term improvements in code security
  • Optional: Integration of SAP ABAP Test Cockpit (ATC) into your development processes


How our source code analysis can assist you


  • Reliable quality assurance for the software and add-ons you develop in-house
  • Final report with prioritized vulnerabilities and specific recommendations
  • Options to adapt check variants, make custom additions to your rule set, and define exception days to reduce erroneous findings
  • Source code remains in your SAP system
  • No licensing costs for SAP Code Inspector (included out-of-the-box)
  • No flat fee for maintaining SAST's additional checking rules

Analyzing the source code of the in-house developments and add-ons you use is a crucial first step toward enhancing not only your software but also your IT security and compliance.

As a second step, we recommend scheduling a specialized workshop with our security experts to achieve long-term improvements in your development processes.


This approach will give your developers the option to run ongoing checks on their code and receive tailored reports that provide full transparency into their current security status.
