Overview SAP’s Product Security Strategy mandates static code analysis during product develop- ment to help ensure that all applications are secure and resilient against cyber threats, thereby protecting customers—and the com- pany itself—against financial losses through software malfunctions, loss or damage of in- tellectual property, or business interruption. SAP uses its own static analysis tool for appli cations written in the proprietary ABAP language; but for Java, the most common programming language at SAP after ABAP, the company decided to leverage third-party expertise. SAP chose the industry leader and has now fully integrated Fortify software into its development lifecycle. Challenge “I estimate that we have around 80 million unique lines of Java code,” says Uwe

Join for free to read