Code Vulnerability Analysis

Code Scanner
Detect And React
on new Code Vulnerabilities.

ABAP Coding
May be Your Weakest Point.

Reveal vulnerabilities lurking in your codebase.

As of 2010, SAP, the leading ERP manufacturer started to put real focus on securing its own codebase. Every “SAP Patch Day” includes important security notes and patches, most of which are classified as “Program Error”. However, this only addresses the standard codebase! Custom development also poses a risk security of your systems. SecurityBridge helps detect code vulnerabilities before they are implemented in production. Implement effortless methodologies in your software development lifecycle to increase the security posture of your SAP environment.

The Code Scanner is fully integrated into SecurityBridge, supporting both static code analysis and dynamic scans at code compilation (e.g. importing transports).

A direct integration into the development process in the ABAP Development Workbench and Eclipse Tools for ABAP makes the SecurityBridge Code Scanner a constant companion for your developers. Scans can be conducted effortless and as part of the coding activity. SecurityBridge is a fully integrated SAP security platform. This is why the discovered vulnerabilities will be visible to the other Security Applications. A real 360° view can be established – showing which vulnerability has been exploited. After all one must react quickly once a security vulnerability was discovered. The SecurityBridge platform raises an alert in real-time as soon as such an incident is detected. Our security experts are constantly providing new detection patterns to keep the solution up-to-date and enable the discovery of new vulnerabilities. Unique for SAP add-ons is the approach that our customers can update all detection signatures with a button-click.

Scan thousands of lines of ABAP

Save time with SecurityBridge Code Scanner

ico-risk-factor

Understand The Risk

Each system has an individual security risk. Code Scanner helps you understand and mitigate the risk hidden in custom code.

ico-code-scanner

Automatic vs. Manual

Detect an exploit via the Intrusion Detection System, find and close the vulnerability via the Code Scanner.

ico-risk-factor

Scan individual areas

Scan your entire customer codebase, or target certain areas. It integrates perfectly in your  established development workflow.

Simple and Fast - Performance is key

Hundreds of Objects, Thousands of Lines - Just a Few Seconds.

We applied the same software design targets that we set for all of our platform. Software must be lean, reliable, fast and easy to adopt. Customers should not have to read the manual! Performance of the Code Scanner was also a top priority. SecurityBridge ploughs through thousands of lines of code in no time. It continuously guards as a silent watchdog, ensuring code security is no longer optional or avoidable. Request a demo or run an on-premise test yourself. Assess your code security level now.

SecurityBridge Code Scanner

Let the scanner help you to identify vulnerable or malicious coding lines. Highlight non-mitigated SQL-, OpenSQL- and ADBC injections vulnerabilities. Find missing authorization checks in remote enabled function modules (RFC). Shield the system from backdoors being installed. The SecurityBridge Code Scanner will highlight direct table manipulations, directory traversal vulnerabilities and many other risks lurking in your code.

Not convinced of the need?
A simple backdoor example.

Identified in real life.

if sy-uname <> 'x84bcrl'.

   authority-check object 'z_payroll'
     id 'salary_slip' field 'value'.
   if sy-subrc <> 0.
     raise authorization_error.
   endif.

endif.

Briefly explained

The attacker, a developer with legitimate rights on the system, wrote a discriminating authorization check. Using an IF-clause, he could avoid the authorization check being executed for a specific user-ID. Possibly, this was done during the development and testing phase; potentially this can now be exploited in production to manipulate salary slips. An ordinary line of code may have a significant impact on your Human Resources department.

Code Security is no longer optional

SecurityBridge complements tools and processes already in place for your software development lifecycle management. Code security should never be optional. Protect against ABAP code injects, foreign transports, temporary program creations, and more with SecurityBridge’s code scanner providing constant monitoring.