Static Code Analysis tools are an industry best practice. Virtual Forge has developed the 1st Static Code Analysis tool for ABAP. CodeProfiler reliably scans large amounts of ABAP code for backdoors, compliance violations and security defects.
CodeProfiler is the tool of choice for implementing a security quality system for custom ABAP coding.
Written by four employees of Virtual Forge, "Secure ABAP development" reveals unique ABAP security know how. Numerous practical examples will teach you how to find and correct insecure code in your custom business applications.
Today's business applications are often developed by external companies which is cost efficient but raises the question if and how much you should trust the code that was developed externally. Does the software contain security vulnerabilities that were introduced by sloppy development practices? Or did a developer create backdoors which he can later use to access critical data at the production system? In this joint article, members of Virtual Forge and SAP security discuss these problems.