Share this Job

Internship: Open Source Security-UI UX for vulnerability assessment-tool- M/F Job

Apply now »

Date: Jul 18, 2019

City: Mougins, 06, FR

Company: SAP

 

 

Requisition ID: 201705
Work Area: Software-Research
Expected Travel: 0 - 10%
Career Status: Student
Employment Type: Limited Full Time

COMPANY DESCRIPTION
SAP started in 1972 as a team of five colleagues with a desire to do something new. Together, they changed enterprise software and reinvented how business was done. Today, as a market leader in enterprise application software, we remain true to our roots. That’s why we engineer solutions to fuel innovation, foster equality and spread opportunity for our employees and customers across borders and cultures.

SAP values the entrepreneurial spirit, fostering creativity and building lasting relationships with our employees. We know that a diverse and inclusive workforce keeps us competitive and provides opportunities for all. We believe that together we can transform industries, grow economics, lift up societies and sustain our environment. Because it’s the best-run businesses that make the world run better and improve people’s lives.

SAP started in 1972 as a team of five colleagues with a desire to do something new. Together, they changed enterprise software and reinvented how business was done. Today, as a market leader in enterprise application software, we remain true to our roots. That’s why we engineer solutions to fuel innovation, foster equality and spread opportunity for our employees and customers across borders and cultures.

SAP’s security vision is built on 5 ideals to secure business: Defendable Application, Zero-Knowledge, Zero-Vulnerability, Security by Default, and Transparency.

Security Testing team proposes a 6-month or 3-month internship in its Sophia-Antipolis offices (Mougins, France).

INTERNSHIP TOPIC

Nowadays software applications include more and more open-source (OSS) libraries. At the same time, the number of vulnerabilities being discovered and publicly disclosed for OSS libraries is ever-increasing.

The gains obtained from the reuse of community-developed libraries may be offset by the cost of establishing a timely and effective vulnerability management process that allows organizations to identify, assess and mitigate vulnerabilities in open-source software. The consequences of poor vulnerability management are demonstrated by the severe security incidents that appear in the news with alarming frequency: breaches, such as the one suffered by Equifax in 2017, can have major legal, financial, and societal impacts.

Existing tools tackling such problem rely on metadata to map OSS libraries to vulnerabilities and thus suffer from both false positives and false negatives. The solution developed at SAP is instead code-centric and combines static and dynamic analysis to determine the reachability of the vulnerable portion of libraries used (directly or transitively) by an application. The implemented tool supports the analysis of Java and Python applications, is the officially recommended tool at SAP and has been recently open-sourced.

The goal of this internship is to completely rewrite and redesign the frontend of the vulnerability-assessment-tool using making it a PWA. The end goal is to create a fast, reliable and good-looking web application able to handle a large amount of data. By applying to this internship, you will have the chance to contribute to the open-source community on an application that counts hundreds of users internally at SAP. You will also have the chance to experiment with popular frontend-tools (React, Vue, …) and build systems (Webpack, Rollup, …).

CANDIDATE PROFILE

  • University Level: MSc or attending the last year of BSc
  •  Excellent knowledge of HTML, CSS3 and JS languages
  •  Fluency in English (working language)
  • Good oral and written communication skills

INTERNSHIP CONTEXT

SAP

Over the past 45 years, SAP has grown to become the world's leading provider of business software solutions. With 12 million users, 96,400 installations, and more than 1,500 partners, SAP is the world's largest inter-enterprise software company and the world's third-largest independent software supplier, overall. SAP solutions help enterprises of all sizes around the world to improve customer relationships, enhance partner collaboration and create efficiencies across their supply chains and business operations. SAP group includes subsidiaries in over 180 countries and employs more than 91 000 people.

Security Research at SAP Labs France, Sophia Antipolis

Based at SAP Labs France Mougins, Security Research Sophia-Antipolis addresses the upcoming security needs, focusing on increased automation of the security life cycle and on providing innovative solutions for the security challenges in networked businesses, including cloud, services and mobile.

WHAT YOU GET FROM US

Success is what you make it. At SAP, we help you make it your own. A career at SAP can open many doors for you. If you’re searching for a company that’s dedicated to your ideas and individual growth, recognizes you for your unique contributions, fills you with a strong sense of purpose, and provides a fun, flexible and inclusive work environment – apply now.

SAP'S DIVERSITY COMMITMENT
To harness the power of innovation, SAP invests in the development of its diverse employees. We aspire to leverage the qualities and appreciate the unique competencies that each person brings to the company.

SAP is committed to the principles of Equal Employment Opportunity and to providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team (Americas: Careers.NorthAmerica@sap.com or Careers.LatinAmerica@sap.com, APJ: Careers.APJ@sap.com, EMEA: Careers@sap.com).

Successful candidates might be required to undergo a background verification with an external vendor.

Additional Locations


Job Segment: User Experience, ERP, Developer, Open Source, Security, Technology