Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

security-based code validation products?

JR_LM
Explorer

‎2007 Sep 12 7:51 PM

0 Likes
412

My company is planning on using third-party ABAP development services and because if this, a concern has been raised about the risk of malicious code being inserted into delivered code.

The question has been raised -- Is there a product that can scan ABAP code looking for known vulnerabilities? Any pointers or suggestions are appreciated.

Thanks in advance.

2 REPLIES 2
Read only

Former Member

‎2007 Sep 12 9:04 PM

0 Likes
391

Hi Joseph,

Interesting question - I don't recall seeing anything on the market for this, though maybe someone in the ABAP forum may have a better idea.

A previous client in a similar situation went through code review to try and catch obvious stuff but that's not exactly infallible.

Good luck in finding a solution & let us know if you find anything.

Cheers

Alex

Read only

JimSpath
SAP Champion
SAP Champion

‎2007 Sep 14 3:53 PM

0 Likes
391

I've answered the same question on the asug.com site.

If you're an ASUG member, you can read the thread here:

http://www.asug.com/DiscussionForums/DiscussionForums/tabid/312/view/topic/postid/82753/ptarget/8275...

Briefly, perhaps try transaction SCI.

Jim

On Mastodons We Ride