Eliminating errors in custom code is essential for keeping SAP applications secure and functioning properly. Unfortunately, app security testing tools don’t cover SAP, and manual reviews are time-consuming and error-prone.
Onapsis Control for Code solves these problems with automated code analysis designed specifically for SAP systems, allowing you to “shift left” and identify and fix issues in internally or third-party developed code before negative consequences arise.
Automated Code Analysis for Business-Critical SAP Applications
With a focus on identifying and resolving insecure, unstable and non-compliant code during development, Control for Code analyzes and reviews custom code that could put your organization at risk of attack, non-compliance or critical application downtime.
Check custom SAP code for security, compliance, performance, robustness, maintainability and data loss prevention issues.
Each identified issue includes steps to remediate or leverage optional automated code correction services.
Build Into Workflows
Assess code in real-time by integrating into leading IDEs or batch scan from a repository
Faster than labor-intensive and error-prone manual code review processes
False positive rate, eliminating unnecessary review of incorrect findings
Reduction in security and quality errors making it into production
Common findings can be resolved with optional automated code correction service
Shift Left and Stay Clean
Automated code review captures issues quickly and before they make it to production, when errors are more expensive to fix and the consequences are exponentially worse. If used in a continuous integration process throughout the application development lifecycle, code analysis identifies and prevents code vulnerabilities and quality issues from degrading security, compliance or performance.
Key Features of Onapsis Control for Code
- Each identified issue includes associated business risk and remediation guidance
- Support for multiple languages including ABAP, XSJS, node.js, SQLScript, and SAPUI5 (Fiori)
- Analyze code in real time within development environments, including SAP HANA Studio, Eclipse, SAP Web IDE, SAP ABAP development workbench, SAP Business Application Studio and Visual Studio Code
- Integrates with change management solutions (e.g., ChaRM, SAP Transport Management System, Jenkins) to build code analysis into existing processes
- Scan up to 900,000 lines of code in one minute
- Automated code remediation using quickfix capabilities in the development environment
- Comprehensive analysis that follows your code through decision trees for complete coverage
- Identify unused code that can be removed to improve maintainability and reduce the complexity of system upgrades and migrations
- Checks against OWASP Top 10 “The Ten Most Critical Web Application Security Risks”
Run on the Onapsis Platform
Onapsis provides a suite of products, built on the Onapsis Platform, to support security, compliance, threat detection, secure application development, and change management.
Powered by Onapsis
Our team of business-critical application security experts combine in-depth knowledge and experience to deliver technical analysis and alerts with a business context.