
How do you implement a vulnerability scan in the code you have developed, and the same for malware?

liliana_morales
Newcomer
0 Likes
517

We are new to BTP application development, and it has been recommended that we validate quality, vulnerabilities, malware and penetration testing in the developed code. We want to know whether BTP has a tool to do this for the code developed by us, or are there other options? Thanks in advance.

Accepted Solutions (0)

Answers (1)


jbm1991
Explorer
0 Likes

Hi,

BTP does not have any services to scan your code. To do that you should be looking at SAST and DAST tools which you can integrate into your DevOps Pipelines. I won't make any specific recommendations but there are many of these tools available in the market, to suit different needs and budgets.

In terms of your actual deployed and running applications on Cloud Foundry, you could/should make use of the "Malware Scanning Service" within BTP to scan any files your users will be uploading for malware. https://discovery-center.cloud.sap/serviceCatalog/malware-scanning-service

If you do not get budget for SAST/DAST tooling, then please read and investigate the "OWASP Top 10" and ensure your development teams perform safe and secure development practices.

Thanks, John