Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

9/1/2009
05:45 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Art of Defence, Virtual Forge Partner In SAP Security

Companies that use SAP technology can now discover and shield any software security issues before they become problems without bringing the system offline

Regensburg, Germany, September 1, 2009 " Today, art of defence, the leading distributed web application firewall (dWAF) provider, and Virtual Forge, the leader in SAP software security, announced they have partnered through product integration to end the need for security hot-patches on SAP systems. Companies that depend on SAP technology now have the ability to discover and shield any software security issues before they become problems without bringing the system off-line, avoiding unplanned down time. Patch development is saved for regularly scheduled cycles, increasing overall system productivity and improving the quality of patches.

Through the partnership, Virtual Forge's market-leading SAP ABAP source code scanner, CODEPROFILER, detects software vulnerabilities and feeds any findings directly into art of defence's dWAF solution, hyperguard. All security lapses identified are immediately presented to the administrator through dynamic ruleset suggestions within hyperguard. Conflicting dWAF rulesets, which may leave holes in web application shielding, are prevented with hyperguard. The dWAF is the industry's only solution available today that enables development, testing and deployment of new application security policies without ever relaxing the established defenses or risking false positives.

"Experience shows that there's at least one critical security issue in 2,000 lines of SAP ABAP code. This leads to significant defect rates, even in smaller development projects. Since patch issues create considerable productivity challenges for SAP systems due to their pervasive, foundational nature, there's a strong need for an effective solution. Processes, divisions and even whole companies are impacted when these systems come offline," says Markus Schumacher, CEO, Virtual Forge. "Integrating our CODEPROFILER with art of defence's hyperguard translates into secure SAP Web applications at all times while patches can be calmly created, tested and imported during the regular maintenance routine."

"Source code scanning and web application shielding software go hand-in-hand, and SAP developers will find comfort knowing the market leading CODEPROFILER now integrates fully with a powerful, flexible dWAF," said Georg Hess, founder and CEO, art of defence. "By putting the administrator in complete control over all rulesets, hyperguard makes sure only malicious traffic is prevented."

hyperguard's entire software architecture was carefully designed to ensure that it can be integrated as flexibly and seamlessly as possible into existing security and Web infrastructures with no disruptions or interference in service. hyperguard adds high-level proactive security features typically not found in other WAF solutions, such as secure session management, URL encryption and a web authentication framework. Available as a SaaS, software plug-in, virtual appliance, hardware appliance or as a standalone software solution, hyperguard is the world's most flexible, scalable solution for web application attack detection and complete web application shielding.

For more information about hyperguard, the company or about partnership opportunities, visit the Art of Defence website (www.artofdefence.com/en), and for details about Virtual Forge, visit their site (www.virtualforge.de).

# # #

About art of defence GmbH

Founded in 2005, art of defence GmbH is headquartered in Regensburg, Germany, and serves the U.S., European and Asian markets. Focused exclusively on providing comprehensive web application security technology on any scale, the company is the only European provider in this space that covers the entire software development lifecycle (SDLC). The company partners with leading technology providers like Microsoft, Zeus, GeNUA, and Armorize.

The full product suite includes hyperguard, a distributed web application firewall (dWAF), hypersource, a static source code analysis tool, and hyperscan, a web application vulnerability scan server. As the flagship solution, hyperguard has been designed to integrate fully with the latter two offerings, enabling the dWAF to automatically protect web application from vulnerabilities detecting through hypersource and hyperscan.

art of defences web application firewall technology is the most flexible on the market today, available as a SaaS, software plug-in, virtual appliance, hardware appliance or as a standalone software solution. The company serves the financial services, eCommerce, technology, telecommunication and public sector markets exclusively through OEM/technology and reseller channel partners.

For more information about art of defence, visit: www.artofdefence.com/en

About Virtual Forge

Virtual Forge is the leading authority in business for software security for SAP applications. The benefits and solutions of the company cover the complete cycle of secure development in the SAP environment. Many SAP customers rely on the know-how of Virtual Forge to understand the security risks in their SAP landscapes and facilitate the software and process change necessary to mitigate them. The company has cooperated for many years with SAP in security relevant areas of product development.

The deep experience with security analysis in the SAP environment is the basis for the ABAP security scanner, CODEPROFILER. For the first time it's possible to realise broad code security audits for ABAP programs. SAP-Board member Gerhard Oswald has commented, "Security is important to us and to our customers. It's good to see that our trusted partner, Virtual Forge, provides a tool for security test automation. Now all our customers can establish a baseline security level in their ABAP code."

For more information about Virtual Forge, visit: www.virtualforge.de

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7227
PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, ...
CVE-2019-15625
PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
CVE-2019-19696
PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...
CVE-2019-19697
PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...
CVE-2019-20357
PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.