Submit your ABAP codebase. Automated static analysis checks all 22 BSI requirements. Get your report and verifiable certificate in minutes — without the consultants, the waiting, and the back-and-forth.
How it works
Connect a GitHub repository or upload a Transport ZIP. Private repos supported via Personal Access Token.
All 22 BSI APP.4.6 requirements are checked — authorization, injection prevention, secure coding, and more.
Receive a PDF report and a verifiable certificate with a public URL. Share with customers and auditors instantly.
Manual BSI APP.4.6 reviews take weeks of back-and-forth. GrundScan delivers the same coverage automatically — upload your code and have your certificate before your next meeting.
SQL injection, dynamic ABAP, authorization checks, OS command injection, hardcoded credentials, cross-client access.
Every certificate has a public verification URL. Auditors and customers can check validity without contacting you.
Built for SAP ISVs · BSI IT-Grundschutz APP.4.6
Get started →