Identify, Fix, and Anticipate Vulnerabilities in Software Security


Upload: sap-digital-business-services

Post on 08-Jan-2017


Page 1: Identify, Fix, and Anticipate Vulnerabilities in Software Security

56% 75% 84%

Demonstrating Compliance

Securing legacy applications

Existing Software

Certifying new releases

In-house Development

Outsourced

Open Source

Commercial

Secure customized external software

of weaknesses reveal information about applications, implementations, or users. [4]

of breaches occur at the application layer. [2]

of mobile applications fail basic security tests. [3]

© 2015 SAP SE. SAP and the SAP logo are trademarks and registered trademarks of SAP SE.

Run Simple with SAP Service and Support

Software vulnerabilities open the door to breaches.

Make security an ongoing part of the application development lifecycle.

As you deploy new technology, threats to your IT landscape and applications grow. Security validation must take place throughout all development activities.

Learn more

For more information on enhancing your application security, visit us at www.sap.com/fortify.

* SAP NetWeaver Application Server, add-on for Code Vulnerability Analyzer

Sources

1. Shea Bennett, “Things That Happen on the Internet Every 60 Seconds,” MediaBistro, December 28, 2011.

2. “Cyber Risk Report 2013,” HP Security Research, February 2014.

3. “2014 Gartner Magic Quadrant for Application Security Testing,” Gartner, July 1, 2014.

4. Ibid.

Firewalls

Intrusion detection systems

Signatures

Encryption

Customer data

Credit card information

Financial data

Intellectual property

Financial loss

Government fines

Brand damage

Loss of customer trust

Fixing vulnerabilities is costly.

Companies typically roll out new software without engaging in security testing, fixing vulnerabilities only after they are identified by a breach or during penetration testing. In addition, many organizations never find out they were breached — or they find out when it is too late.

With this approach, the cost of addressing security after software is deployed is 30x more than the price tag for embedding security from the start. This figure does not even include the cost of fines and lost revenue.

New technologies present new software vulnerabilities.

By exploiting just one security flaw, hackers can break a new or existing application. It takes companies an average of 250 days to even detect that they are under cyber-attack.

Secure your software landscape quickly — and at a lower cost.

SAP® Fortify by HP and SAP Code Vulnerability Analyzer can help enhance application security through identification of vulnerabilities during software design.

By securing diverse, highly accessible SAP and third-party applications, you can trust that the entire software landscape is protected.

Current techniques aren’t enough to protect valuable data assets — or your company.

Identify, Fix, and Anticipate Vulnerabilities in Software Security

Is your company protected from cyberattacks and security breaches? How can you be sure?

To help you identify and address application security vulnerabilities across the software development lifecycle, we offer SAP® Fortify by HP and SAP Code Vulnerability Analyzer*.