Can we convert the source code to .net as we are planning to perform audit on the source, Or do suggest in built out systems feature to perform audit on code.

Hi Naresh.

The application is already a .Net application. If you have access to the server (not an OutSystems cloud server) you have access to the code.

Also, what type of audit do you need to perform?

OutSystems has the Architecture Dashboard to analyses the code: https://success.outsystems.com/Documentation/Architecture_Dashboard/Introduction_to_Architecture_Dashboard

Cheers.

Hello Naresh.

There are ways to access the generated code if you install it on-premises. But auditing in OutSystems should be over the OutSystems development. The generated code may change between versions to fix bugs and the developer has absolutely no control over it.

The only reason to look at the generated code is to evaluate OutSystems before buying. But considering that banks and companies that really need to keep data safe are ok with it, you should also be.


A good tool to audit OS is Architecture Dashboard. This is what keeps developers in check. Everything else is just to go along best-practices from a different time.

Hi Naresh,

In addition to the above, in you want to run Static Application Security Testing (SAST) against the OutSystems source code (.NET code), you can check out this documentation

As stated by Nuno, you would need to have a self-managed installation, meaning an On-Premises or Private Cloud environment, if you want to do so.

Hope this helps.

Regards,

Nordin