SCC3 Log evaluation client copy
The SAP NetWeaver Application Server Add-on for Code Vulnerability Analysis tool, also known as Code Vulnearability Analyzer (CVA), is a tool that performs a static analysis of user-defined ABAP source code to detect possible security risks. The tool is available in the NetWeaver ABAP stack and is based on versions from: 7.0 NetWeaver: in EHP2 SP 14 or higher / 7.0 NetWeaver: in EHP3 SP 09 or higher / 7.3 NetWeaver: in EHP1 SP 09 or higher / 7.4 NetWeaver: in SP05 or higher To use the CVA tool, the execution of system-wide security controls must be enabled with the RSLIN_SEC_LICENSE_SETUP report. Afterwards, the security checks are available in standard ABAP code checking tools such as ABAP Test Cockpit (ATC) or Code Inspector (SCI). The option of these checks is usually referred to as "security analysis in extended program check". Note that the use of the security check feature for custom code separation is licensed and incurs additional costs. The older program that has been around for years is Virtual Forge's "Code Profiler". It is one of the first products in this segment of SAP security and was used by SAP itself for many years. It is very comprehensive and is also able to track individual variables across the entire control flow. This leads to very precise statements and a reduction of false positives.
HANA optimization makes your own programs really fast. ABAP firewall: 92% less effort, 98% lower costs. Set quality standards for internal and external developments. Accurate and resource-saving analysis and evaluation. Security and compliance risks: significantly reduced.
In order to ensure the stability of the systems and to reduce the risk through proprietary developments, release and patch management must be implemented. Standardised procedures can help to introduce proprietary developments, such as test strategies or service level agreements (SLAs). It is also important to align the productivity setting of customer applications with the maintenance windows and RTO (Recovery-Time-Objective).
The Technical Lead functions as the work package leader or sub-project manager within the SAP basis when the project is the focus of the SAP basis. The Technical Lead will become more important in the future as the SAP basis acts as a technology consultant and more projects and project activities are expected in the future. This role must be filled more and more often. Due to the increased demands, this role and the associated activities must be professionalised through training and further training.
"Shortcut for SAP Systems" makes it easier and quicker to complete a number of SAP basis tasks.
Instead, you will receive an error message telling you the name of the missing FCS Support Package.
If the number of jobs and the complexity increases, an automatic job control is a good choice.