Skip to Content

SAP NetWeaver Application Server, add-on for code vulnerability analysis

Tighten ABAP application security – with our static code analysis add-on for SAP NetWeaver

Develop highly secure SAP ABAP applications – with our static code analysis add-on for SAP NetWeaver Application Server. This static application security testing (SAST) tool lets you rapidly scan custom code for security vulnerabilities, and then use proven guidelines to fix them. Prevent cyber attacks and data breaches – and reduce security risk and cost.

Why SAP NetWeaver Application Server, add-on for code vulnerability analysis?

Because your valuable data assets are only as secure as the applications that host and access them. This integrated source code analysis tool lets you identify security risks in your ABAP source code during the software development process. It helps you tighten application security and protect against malicious code attacks and data breaches. And because it’s the same software we use for ABAP-code security testing at SAP, you can rest easy knowing it’s been rigorously tested on a massive scale.

Learn how SAP NetWeaver Application Server, add-on for code vulnerability analysis can simplify the lives of business users and IT staff:

Functional Capabilities
  • Run vulnerability checks on custom ABAP code during the development process – to detect flaws and gaps early on
  • Leverage tools that are already integrated into the standard SAP ABAP development infrastructure for easy consumption – no additional installations required
  • Provide developers with extensive documentation to support speedy security fixes
  • Meet the compliance and automation requirements of your software quality assurance teams
Collapse
Technical Capabilities
  • Automatically detect weaknesses in your ABAP source code
  • Reduce your false-positive rate through data flow analysis
  • Support exemption workflows to ease handling of false-positives
  • Integrate into standard ABAP development infrastructure (ABAP Test Cockpit) for easy consumption by developers
  • Launch vulnerability checks for single objects and groups of objects
  • Harness manual and automated check executions
  • Adjust check priorities to match development guidelines
  • Use extensive documentation to avoid vulnerabilities – and help developers understand and fix issues in their code
 

Security checks in detail:

  • SQL injection (Open SQL, ADBC)
  • Code injection (ABAP)
  • Call injection
  • OS command injection
  • Directory traversal
  • Backdoors and authorizations
  • Web exploitability
  • Business Server Pages (BSP)
Collapse

System requirements SAP NetWeaver Application Server, add-on for code vulnerability analysis

Although the SAP NetWeaver Application Server, add-on for code vulnerability analysis can be used standalone or via the SAP Code Inspector, it is recommended to be used solely via the ABAP Test Cockpit (ATC), as for instance exemptions can be used only with ATC. The product is available with:

  • SAP NetWeaver AS ABAP 7.0 EhP2 Support Package 14
  • SAP NetWeaver AS ABAP 7.0 EhP3 Support Package 09
  • SAP NetWeaver AS ABAP 7.3 EhP1 Support Package 09
  • SAP NetWeaver AS ABAP 7.4 Support Package 05
  • SAP NetWeaver AS ABAP 7.5

Licensing and purchasing options for SAP NetWeaver Application Server, add-on for code vulnerability analysis

SAP NetWeaver Application Server, add-on for code vulnerability analysis allows you to license and pay for only the number of users that you require at any given time. Start with the licenses your organization needs right now and add more users as your needs evolve. This product is deployed on-premise and, therefore, requires a perpetual license.

For more information, read SAP Note 1855773

Contact Us

image

Contact your local SAP account executive for additional licensing and purchasing options

image

For general licensing information, consult Licensing SAP Software: A Guide for Buyers 

Expert Community

Connect with SAP experts – and get the latest news and views on SAP NetWeaver Application Server, add-on for code vulnerability analysis implementations, upgrades, innovations, and best practices.

Security Community

SCN Wikipage

SAP NetWeaver AS, add-on for code vulnerability analysis for ABAP 7.5 is out!

How to Protect Your ABAP Code Against SQL Injection Attacks

Secure Execution of OS Commands by ABAP programs

Download SAP NetWeaver Application Server, add-on for code vulnerability analysis road map 

Previous

Quickly adopt and maintain SAP solutions

Get the support you need to efficiently implement and operate your SAP solutions – and take advantage of new technologies. We offer a range of support services, from foundation level to strategic engagement and co-innovation.

View product documentation

Get a wealth of information – about everything from installation and upgrades to security, integration, and product availability.

Next
Back to top