How to efficiently identify and remediate critical vulnerabilities in SAP and other Business Applications.
Vulnerabilities in individual applications harbor enormous risks for companies because they can be exploited by hackers to gain access to the corporate network and critical IT infrastructure such as SAP systems. An effective approach to application security management must therefore take a company's entire application portfolio into consideration. It must evaluate critical vulnerabilities uniformly and must be capable of tracking their remediation, regardless of the programming language or the development environment used.
This approach is facilitated by ThreadFix, open source software offered by Denim Group. In our webinar APPLICATION SECURITY MANAGEMENT we show you:
- How you can scan your SAP and other business applications automatically for critical vulnerabilities
- How you can easily track the remediation of vulnerabilities with ThreadFix
- How you can accomplish important security and quality milestones more easily in your projects
2. How to efficiently identify and remediate critical vulnerabilities in SAP and other Business Applications
3. Agenda
Why measure the effectiveness of your Application Security
Unified Platform
Demo:
Virtual Forge - Code Profiler
Checkmarx - CxSAST
ThreadFix
Q&A
4. Why measure the effectiveness of your Application Security
The state of Application Security
Why traditional tactics of Application Security Management fail
The need to orchestrate tons of security tools for different purposes
5. A unified platform to manage risks in your business applications
Checkmarx and Virtual Forge provide customers with a feasible solution based on ThreadFix:
Developed by experienced security practitioners
Combines reports from different code scanners
Provides a landscape wide overview
Easy control and monitoring of effort, timelines and achievements
Common Weakness Enumeration (CWE)
Free Community Version available
6. Integration of CodeProfiler and CxSAST into ThreadFix
Manage your findings from one common platform
CWE Standard Ratings and Certified Integration
Source: ThreadFix by Denim Group
8. Key Takeaways
You have seen how you can:
Scan your SAP and other business applications for code vulnerabilities using CodeProfiler and Checkmarx
Control and monitor the project's overall application security state
Evaluate and prioritize the vulnerabilities found
Track the remediation of vulnerabilities with ThreadFix
9. Next Steps?
Download the free ThreadFix Community Edition at www.threadfix.org
Sign up for the free SAP Risk Assessment at www.virtualforge.com
Sign up for a free secure code analysis by Checkmarx's CxSAST at www.checkmarx.com