Secure Development for SAP®

Secure Development for SAP®
Mitigation Strategies for Identified ABAP Code Vulnerabilities

About 80% of all SAP customers develop their own custom code. Most of the custom code is still developed using ABAP or WebDynpro for ABAP.

The Quality Assurance process for the custom code development usually comprises of a functional quality check before the code is released to the production environment. An adequate code review for possible security vulnerabilities, like cross-site scripting, missing authorization checks, and SQL script injections are not performed in most cases.

Some customers are performing black box testing in order to identify most critical security vulnerabilities. However, black box testing provides only the ability for recognizing some of the problems. We therefore provide services in order to introduce a Quality Assurance process including a systematic security assessment approach based on VirtualForge CodeProfiler. Based on the results of VirtualForge CodeProfiler, we provide services in order to mitigate the identified ABAP code vulnerabilities.

SAP® Security

IT Security

SAP Security

Data Security

E-SSO

Token Management

Our Consulting

Our Media

Our White Papers

Secure Development for SAP®