COMMUNITIES

Select Your Region

Visit the Cary, NC, US corporate headquarters site

Americas

Europe

Middle East & Africa

Asia Pacific

View our worldwide contacts list for help finding your region

Americas

Europe

Middle East & Africa

Asia Pacific

Sign In

Get access to My SAS, trials, communities and more.

Sign Out

Get access to My SAS, trials, communities and more.

SAS Sites

sas.com
Support
Blogs
Communities
Developer
Curiosity
Videos

Documentation

Learn
Brand
PartnerNet
Merchandise

Architecture

Planning, designing, and executing SAS within your organization
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
BookmarkSubscribeRSS Feed
gra_in_aus
Quartz | Level 8 gra_in_aus
Quartz | Level 8

SAST for SAS

Posted 11-11-2022 12:11 AM (77205 views)

Hi,

 

Currently reviewing Open Source and Enterprise toolsets for SAST.  I noted that on a SAS White Paper (https://www.sas.com/content/dam/SAS/en_us/doc/whitepaper1/sas-software-security-framework-107607.pdf) that SAS uses various Security Frameworks using Open Source and Enterprise toolsets.  I would like to know which ones are utilised by SAS, as would like to assess their capabilities for the SAST Software review that I am doing to cover off the SAS Grid Platform and Redshift Clusters that we utilise for our analytics and data warehouse.

 

Many thanks

 

G

0 Likes
Reply
5 REPLIES 5
LinusH
Tourmaline | Level 20 LinusH
Tourmaline | Level 20

Re: SAST for SAS

Posted 11-11-2022 05:12 AM (77174 views)  |   In reply to gra_in_aus

I don't think this is general knowledge.

If you wish to have insight in SAS Institute processes, you should you SAS sales represenatative, or a TAM if you've been appointed one.

Data never sleeps
0 Likes
Reply
gra_in_aus
Quartz | Level 8 gra_in_aus
Quartz | Level 8

Re: SAST for SAS

Posted 11-14-2022 04:28 PM (77123 views)  |   In reply to LinusH
Can't see why there would be a problem disclosing the open-source SAST that is used. How different is SAS announcing that they use cloud academy? or any other vendors advertise that SAS is a customer of theirs?

I just information to see what SAST tools to cover off SAS and Redshift applications created by users of the servers.
0 Likes
Reply
SASKiwi
PROC Star SASKiwi
PROC Star

Re: SAST for SAS

Posted 11-11-2022 05:19 PM (77150 views)  |   In reply to gra_in_aus

What SAST tools are currently used in your organisation? Your IT Security staff should be able to advise. Why not just follow their guidance? I doubt the SAST tool requirements for your organisation would align withj SAS's so I see limited value in asking them about this.   

0 Likes
Reply
gra_in_aus
Quartz | Level 8 gra_in_aus
Quartz | Level 8

Re: SAST for SAS

Posted 11-14-2022 04:28 PM (77122 views)  |   In reply to SASKiwi
Can't see why there would be a problem disclosing the open-source SAST that is used. How different is SAS announcing that they use cloud academy? or any other vendors advertise that SAS is a customer of theirs?

I just information to see what SAST tools to cover off SAS and Redshift applications created by users of the servers.
0 Likes
Reply
SASKiwi
PROC Star SASKiwi
PROC Star

Re: SAST for SAS

Posted 11-14-2022 05:17 PM (77113 views)  |   In reply to gra_in_aus

If you think SAS can help you on SAST, then by all means contact them via Tech Support or your account manager. In my experience, the Information Security staff I work with are the ones conducting SAST tests and are most familiar with our IT environment so they are the ones I would start out consulting with. 

0 Likes
Reply

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

Discussion stats
  • 5 replies
  • ‎11-11-2022 12:11 AM
  • 77206 views
  • 0 likes
  • 3 in conversation
Top