Common Audit Findings in PowerBuilder Applications
Security audits frequently identify these critical vulnerabilities in legacy PowerBuilder code
SQL Injection Vulnerabilities
Listed in OWASP Top 10, allowing unauthorized data access or manipulation through vulnerable database queries.
Hardcoded Sensitive Information
Credentials, encryption keys, and IP addresses exposed directly in source code, creating serious security risks.
Unencrypted Sensitive Data Handling
Personal or financial data transmitted or stored without proper encryption, violating data protection regulations.
Missing Input Validation and Sanitization
User inputs not properly validated, enabling injection attacks and compromising application security.
Security compliance requirements are intensifying.
Organizations must demonstrate that their applications—including legacy systems—meet regulatory standards and security best practices.
Detect Security Vulnerabilities in your Source Code
Visual Expert checks you code against predefined rules, detect vulnerabilities and locate them precisely.
Code Inspection Dashboard
Easily find and fix issues in your code.
300+ rules to improve Security, Quality, and Maintainability.
Check your code under
various angles
- Detect and remove security vulnerabilities
- Comply with coding "grammar" standards
- Comply with code readability standards
- Architectural layering adherence
- Remove code duplicates
- Improve performance
- And more...
Integrate Static Application Security Testing in your CI/CD Pipeline
Integrate with Jenkins or GitLAB.
Add a code inspection job in your Continuous Integration Workflow.
Perform a full code review each time a build is generated.
Reduce the time between building and fixing issues.
Support Compliance Requirements
Visual Expert's security rules align with major compliance frameworks and industry standards
Compliance Framework Support
OWASP Top 10
Identify security weaknesses including SQL injection, weak encryption, and hardcoded credentials.
CWE Standards
Map code weaknesses to Common Weakness Enumeration for standardized vulnerability identification.
ISO 27001
Support Information Security Management System requirements with documented security controls.
SOC 2 / NIS2
Document security controls and demonstrate due diligence for compliance audits.
Generate Audit-Ready Reports
Comprehensive documentation of security findings, remediation actions, and compliance status—essential evidence for auditors and regulators.
- Document security findings with detailed vulnerability reports
- Demonstrate due diligence by showing proactive security scanning
- Identify exact code locations requiring remediation
- Export detailed reports for compliance documentation
Continuous security scanning helps you prevent non-compliant code from reaching production and maintain consistent security standards across all releases.
Why Perform Security Scan with Visual Expert
High-quality analysis
In-depth analysis of your PowerBuilder code based on 20+ years of experience.
Early Correction
Discover vulnerabilities at an early stage to reduce the risks and the remediation costs.
Rapid Remediation
Immediately identify the code to be changed thanks to Visual Expert tools.
Continous Integration
Visual Expert integrates with Jenkins to enable continuous integration.
Impact Analysis
Assess the impact of a change in your code
Estimate what you should modify to accomplish a change.
Don't break your application after a change!
- If I change this variable, what is the effect on my code?
- If I add a parameter to a function, what else is affected?
- If a table or column is changed, which code should I update?
Scan for Security Vulnerabilities
Identify and fix Security issues in your code:
- Hard coded user id & passwords
- Hard coded IP addresses.
- Vulnerabilities to Injections attacks
- Fields access/protection issues
- Improper/unsecured use of encryption
- and more...
Review CRUD Operations in Your code
(Create, Read, Update, Delete)
Generate a CRUD matrix showing which programs access your data.
For instance, which DW or Procedures Create/Read/Update/Delete which Tables.
- Review dependencies between database and PB applications.
- Analyze the impact of changing your database Schema, for example changing a table definition or adding an index.
- Estimate software complexity and development efforts.
- Find out which table is never updated, deleted from multiple places, etc.
- Make sure every process has at least one input (R) and one output (CUD).
Generate Diagrams from your Code
- Visualize objects and dependencies.
- Diagrams and source code are synchronized.
- Select objects to generate a diagram
Visual Expert generates:
- Data Model Diagram to document graphically database entities and their relationships.
- Impact Analysis Diagrams to find all references to a table, column, object, method, variable...
- Call graphs to visualize chains of calls (multiple levels of references).
- PBL dependency diagrams to visualize dependencies between PBLs
Document your Code
Create reference manuals in HTML
Update your documentation on a regular basis (scheduled job).
Document the references in your code and navigate between these using hyperlinks.
Share knowledge with teammates.
Improve Code Quality
Cleanup the code. Streamline maintenance efforts. Avoid unexpected behavior.
- Identify unused objects and remove some dead code.
- Find empty methods, duplicated objects, oversized or uncommented scripts.
- Calculate code metrics: lines of code, number of objects, methods, variables…
- Check naming conventions.
- Find objects that do not inherit from an ancestor etc.
- You can check your code against hundreds of rules
Improve Code Performance
Find slow pieces of code. Remove Bottlenecks
- Find the slowest procedures, functions, triggers
- Reduce the time to access a given table
- Break down the execution time of a large object into sub-queries or instructions.
- Decompose the performance of a chain of calls
Code Comparison
Compare 2 versions of your DB or application:
- View differences in a container hierarchy.
- Drill down to find relevant changes.
- Filter changes for a given object, or object type: Userobject, Table, Procedure...
- Filter changes in a given PBL.
- Save “snapshots” of your code on a regular basis, and compare them anytime.
- And more...
Understand Complex Code
Explore the application structure. Understand its inner working.
When maintaining complex Applications, you may need to learn more about the code.
In such cases, Visual Expert is the perfect companion for PowerBuilder.
Navigate in your code via hyperlinks: each reference comes with a link to the referenced item.
Tooltips provide useful information about objects, methods and variables.
Explore inheritance dependencies between PB objects.
Lots of advanced feature will screen your code under various angles.
Advanced String Search
Visual Expert Global Search addresses common shortcomings:
String searches often return lots of results. They are usually tedious and unproductive.
- Use multiple criteria to reduce the search result.
- Restrict search to one or several object types.
- Search for exact words, or words starting/ending with, matching regular expressions…
- Search into several PB targets at the same time.
- Review results in a container hierarchy.
- The strings found are highlighted in the code.
- Filter relevant result items.
- Share the outcome with colleagues.
Catch a glimpse of Visual Expert
How it works?
Visual Expert Pricing & Editions
-
-
Basic
For individual developers with small projects
$625 /user
/year500 000 Lines of Code- Installation on a Client PC
- Cross-References / Impact Analysis
- Code Inspection
- Performance Tuning
- Code Documentation
- Updates
-
Basic
For individual developers with small projects
$1,395/user
500 000 Lines of Code- Installation on a Client PC
- Cross-References / Impact Analysis
- Code Inspection
- Performance Tuning
- Code Documentation
- Mandatory for the 1st year
- Updates - $279
-
-
-
Professional
For teams managing large codebases and requiring collaboration tools
$1,255 /user
/year5 million Lines of Code- All Basic Features, plus:
- Client/server configuration
- Web Client available
- Collaborative Features
- Integration with DevOps Platforms
- Code Comparison
- Code Analysis Scheduler & History
- Updates
Need more than 5 million Lines of Code?
Get Volume Discount- Mandatory for the 1st year
- Premium Support - $1,885
-
Professional
For teams managing large codebases and requiring collaboration tools
$2,850 /user
5 million Lines of Code- All Basic Features, plus:
- Client/server configuration
- Web Client available
- Collaborative Features
- Integration with DevOps Platforms
- Code Comparison
- Code Analysis Scheduler & History
Need more than 5 million Lines of Code?
Get Volume Discount- Mandatory for the 1st year
- Updates - $570
- Premium Support - $1,885
-
-
-
ENTERPRISE AI
For teams managing large codebases and requiring AI-powered features
$1,875 /user
/year5 million Lines of Code- All Professional plus AI Features :
- 10,000 AI Credits per user
- (AI) Explain the Business
- (AI) Explain the Logic
- (AI) Add comments in the code
- (AI) Fix a problem
- (AI) Optimize SQL & Code
- Updates
Need more than 5 million Lines of Code?
Get Volume Discount- Mandatory for the 1st year
- Premium Support - $1,885
-
ENTERPRISE AI
For teams managing large codebases and requiring AI-powered features
$3,470 /user5 million Lines of Code- All Professional plus AI Features :
- 10,000 AI Credits
- (AI) Explain the Business
- (AI) Explain the Logic
- (AI) Add comments in the code
- (AI) Fix a problem
- (AI) Optimize SQL & Code
Need more than 5 million Lines of Code?
Get Volume Discount- Mandatory for the 1st year
- Updates - $694
- Premium Support - $1,885
-
Feedback from our clients
Reduces expenses
Using VE's features allows a much quicker turnaround, reduces expenses and frees up resources for more productive work.
Become familiar with a new application in literally a few hours
(The) More you work with Visual Expert - more you understand how convenient it is. (...) I cannot remember so powerful a tool that allows a user to become familiar with a new application in literally a few hours
