Virtual Forge CodeProfiler for IBM Security AppScan® Source automates static analysis security testing to identify and remediate vulnerabilities in Advanced Business Application Programming (ABAP) source code. It helps you eliminate SAP application risk with advanced static (white box) security testing of ABAP source code. Virtual Forge CodeProfiler for IBM Security AppScan Source helps you adopt a secure-by-design philosophy that integrates security testing with software development.

Virtual Forge CodeProfiler for IBM Security AppScan Source:

  • Empowers developers to write more secure ABAP applications by integrating security scanning into the ABAP workbench and SAP user interface.
  • Enforces security-related service level agreements for applications and code developed by consultants and third parties.
  • Manages SAP security as part of your enterprise application risk management program by integrating with IBM Security AppScan Enterprise.
  • Enables collaboration between development and security teams using a tailored combination of IBM Security and IBM Rational® software.

Empowers developers to write more secure ABAP applications

  • Educates developers about security and helps them identify and correct vulnerabilities through technical information.
  • Eliminates developers’ need to leave their integrated development environments (IDEs).
  • Offers a way to scan code without complex setup and configuration.
  • Explains how vulnerabilities introduce risk and assesses their potential impact.
  • Delivers guidance to accelerate the correction process with potential code corrections.

Enforces security-related service level agreements

  • Verifies automatically that security requirements are met and helps avoid unexpected, time-consuming change requests.
  • Enforces service-level agreements as part of managing security requirements.
  • Helps you include security specifications as part of the tender for outsourced development projects.

Manages SAP security as part of your enterprise application risk management program

  • Drives remediation efforts with recommended code fixes and triage results for a single view of results.
  • Helps you move beyond annual audits and preproduction testing to adopt the practices of application risk management.
  • Includes ABAP applications in the enterprise-wide view of application risk.
  • Provides more than 40 compliance reports and trending analysis to measure and reduce application risk.

Enables collaboration between development and security teams

  • Defines, visualizes and enhances traceability of SAP requirements, processes and assets across application environments.
  • Prioritizes business-critical changes and allows for optimal resource utilization across packaged, legacy and custom-developed applications.
  • Improves quality and catches vulnerabilities earlier to help lower costs and improve deployment success.
  • Reduces security exposure and lowers analysis costs.