Skip to content

Latest commit

 

History

History
62 lines (44 loc) · 3.13 KB

File metadata and controls

62 lines (44 loc) · 3.13 KB
layout col-document
title ABAP Code Scanner - Web Edition (Management Console)
tags abap sap security sast web

ABAP Code Scanner - Web Edition (Management Console)

The free open-source CLI scans exported ABAP source offline. The Web Edition is a commercial web application by RedRays that connects directly to your SAP systems over SAP JCo (RFC) and statically analyses ABAP in place, presenting findings in a modern web UI. The OWASP project itself remains free and open source.

ABAP SAST - projects overview

What it does

  • Direct SAP connection (SAP JCo / RFC) - scan ABAP straight from the system; no manual export.
  • Projects - organise scans by mapping target systems to scan profiles (for example OWASP Top 10 or Critical issues only).
  • Scheduled scans - run recurring scans automatically.
  • Vulnerability dashboard - findings ranked by severity and CVSS, each with a confidence score and a plain-language explanation.
  • Cross-system retest - re-verify a finding across systems, with full retest history.
  • Reports & export - export findings for triage and audit.
  • Enterprise access - single sign-on and role-based access control.

Create a project and run a scan

Findings and triage

Each finding identifies the affected ABAP object and location, with a severity, a CVSS score, a confidence score and a plain-language explanation, plus a status you manage from the browser.

Vulnerability findings

Finding detail

Retest across systems

Re-run a specific finding against one or more systems to confirm whether it is still present, and keep a history of every retest.

Cross-system retest with history

Reporting

Export findings to a report for distribution and audit.

Export a report

Get access

The Web Edition is a commercial product by RedRays. To request a demo or a trial, visit redrays.io/abap-scanner or contact support@redrays.io.