cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
BookmarkSubscribeRSS Feed
gra_in_aus
Quartz | Level 8 gra_in_aus
Quartz | Level 8

SAST for SAS

Posted 11-11-2022 12:11 AM (74617 views)

Hi,

 

Currently reviewing Open Source and Enterprise toolsets for SAST.  I noted that on a SAS White Paper (https://www.sas.com/content/dam/SAS/en_us/doc/whitepaper1/sas-software-security-framework-107607.pdf) that SAS uses various Security Frameworks using Open Source and Enterprise toolsets.  I would like to know which ones are utilised by SAS, as would like to assess their capabilities for the SAST Software review that I am doing to cover off the SAS Grid Platform and Redshift Clusters that we utilise for our analytics and data warehouse.

 

Many thanks

 

G

0 Likes
Reply
5 REPLIES 5
LinusH
Tourmaline | Level 20 LinusH
Tourmaline | Level 20

Re: SAST for SAS

Posted 11-11-2022 05:12 AM (74586 views)  |   In reply to gra_in_aus

I don't think this is general knowledge.

If you wish to have insight in SAS Institute processes, you should you SAS sales represenatative, or a TAM if you've been appointed one.

Data never sleeps
0 Likes
Reply
gra_in_aus
Quartz | Level 8 gra_in_aus
Quartz | Level 8

Re: SAST for SAS

Posted 11-14-2022 04:28 PM (74535 views)  |   In reply to LinusH
Can't see why there would be a problem disclosing the open-source SAST that is used. How different is SAS announcing that they use cloud academy? or any other vendors advertise that SAS is a customer of theirs?

I just information to see what SAST tools to cover off SAS and Redshift applications created by users of the servers.
0 Likes
Reply
SASKiwi
PROC Star SASKiwi
PROC Star

Re: SAST for SAS

Posted 11-11-2022 05:19 PM (74562 views)  |   In reply to gra_in_aus

What SAST tools are currently used in your organisation? Your IT Security staff should be able to advise. Why not just follow their guidance? I doubt the SAST tool requirements for your organisation would align withj SAS's so I see limited value in asking them about this.   

0 Likes
Reply
gra_in_aus
Quartz | Level 8 gra_in_aus
Quartz | Level 8

Re: SAST for SAS

Posted 11-14-2022 04:28 PM (74534 views)  |   In reply to SASKiwi
Can't see why there would be a problem disclosing the open-source SAST that is used. How different is SAS announcing that they use cloud academy? or any other vendors advertise that SAS is a customer of theirs?

I just information to see what SAST tools to cover off SAS and Redshift applications created by users of the servers.
0 Likes
Reply
SASKiwi
PROC Star SASKiwi
PROC Star

Re: SAST for SAS

Posted 11-14-2022 05:17 PM (74525 views)  |   In reply to gra_in_aus

If you think SAS can help you on SAST, then by all means contact them via Tech Support or your account manager. In my experience, the Information Security staff I work with are the ones conducting SAST tests and are most familiar with our IT environment so they are the ones I would start out consulting with. 

0 Likes
Reply

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

Discussion stats
  • 5 replies
  • ‎11-11-2022 12:11 AM
  • 74618 views
  • 0 likes
  • 3 in conversation