Upload
virtual-forge
View
101
Download
1
Tags:
Embed Size (px)
Citation preview
How to efficiently identify and remediate critical vulnerabilities in SAP and other Business Applications
Agenda
Why measure the effectiveness of your Application Security Unified Platform Demo:
Virtual Forge - Code Profiler Checkmarx - CxSAST
ThreadFix Q&A
3
Why measure the effectiveness of your Application Security
The state of Application Security Why traditional tactics of Application Security Management fail The need to orchestrate tons of security tools for different purposes
4
A unified platform to manage risks in your business applications
Checkmarx and Virtual Forge provide customers with a feasible solution based on ThreadFix:
Developed by experienced security practitioners Combines reports from different code scanners Provides a landscape wide overview Easy control and monitoring of effort, timelines and
achievements Common Weakness Enumeration (CWE) Free Community Version available
5
Integration of CodeProfiler and CxSAST into ThreadFix
Manage your findings from one common platform CWE Standard Ratings and Certified Integration
Source: ThreadFix by Denim Group
6
Key Takeaways
You have seen, how you can: Scan your SAP and other business applications for code vulnerabilities using CodeProfiler and Checkmarx Control and monitor the projects overall application security state Evaluate and prioritize the vulnerabilities found Track the remediation of vulnerabilities with ThreadFix
8
Next Steps?
Download the free ThreadFix Community Edition at www.threadfix.org
Sign up for the free SAP Risk Assessment at www.virtualforge.com
Sign up for a free secure code analysis by Checkmarx‘s CxSAST at
www.checkmarx.com
9
Disclaimer
© 2015 Virtual Forge GmbH. All rights reserved. Information contained in this publication is subject to change without prior notice. These materials are provided by Virtual Forge and serve only as information. SAP, ABAP and other named SAP products and services as well as their respective logos are trademarks or registered trademarks of SAP AG in Germany and other countries worldwide. All other names of products and services are trademarks of their respective companies. The information in the text are approximate and is only for information.
Virtual Forge accepts no liability or responsibility for errors or omissions in this publication. From the information contained in this publication, no further liability is assumed. No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of Virtual Forge GmbH, Germany or Virtual Forge Inc., Philadelphia. The General Terms and Conditions of Virtual Forge apply.
© 2015 Virtual Forge | www.virtualforge.com | All rights reserved.
10