- Mark as New
- Bookmark
- Subscribe
- Mute
- RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Currently reviewing Open Source and Enterprise toolsets for SAST. I noted that on a SAS White Paper (https://www.sas.com/content/dam/SAS/en_us/doc/whitepaper1/sas-software-security-framework-107607.pdf) that SAS uses various Security Frameworks using Open Source and Enterprise toolsets. I would like to know which ones are utilised by SAS, as would like to assess their capabilities for the SAST Software review that I am doing to cover off the SAS Grid Platform and Redshift Clusters that we utilise for our analytics and data warehouse.
Many thanks
G
- Mark as New
- Bookmark
- Subscribe
- Mute
- RSS Feed
- Permalink
- Report Inappropriate Content
I don't think this is general knowledge.
If you wish to have insight in SAS Institute processes, you should you SAS sales represenatative, or a TAM if you've been appointed one.
- Mark as New
- Bookmark
- Subscribe
- Mute
- RSS Feed
- Permalink
- Report Inappropriate Content
I just information to see what SAST tools to cover off SAS and Redshift applications created by users of the servers.
- Mark as New
- Bookmark
- Subscribe
- Mute
- RSS Feed
- Permalink
- Report Inappropriate Content
What SAST tools are currently used in your organisation? Your IT Security staff should be able to advise. Why not just follow their guidance? I doubt the SAST tool requirements for your organisation would align withj SAS's so I see limited value in asking them about this.
- Mark as New
- Bookmark
- Subscribe
- Mute
- RSS Feed
- Permalink
- Report Inappropriate Content
I just information to see what SAST tools to cover off SAS and Redshift applications created by users of the servers.
- Mark as New
- Bookmark
- Subscribe
- Mute
- RSS Feed
- Permalink
- Report Inappropriate Content
If you think SAS can help you on SAST, then by all means contact them via Tech Support or your account manager. In my experience, the Information Security staff I work with are the ones conducting SAST tests and are most familiar with our IT environment so they are the ones I would start out consulting with.