Transports are an essential part of an SAP environment. They are used to transfer changes from one system to another, to implement new functions, to perform updates, and to install third-party applications. Change management in SAP is inconceivable without transports. Yet how can they be checked for security risks?
How IT security policies help you satisfy your security requirements
Do you know what you have to do when your company faces security incidents? Do you have documents where you can look up what you need to do? If so, are they up to date? Security policies are neglected in many areas, although they are a cornerstone for maintaining IT compliance and improving enterprise security.
Press release: Global security alliances in cyber warfare
In the current Digital Defense Report, Brad Smith, President of Microsoft, called for international collaboration and coalitions for a “new form of collective defense” as a comprehensive strategy against the full spectrum of destructive cyberattacks, espionage, and interference. One of the first and largest of these cyber warfare initiatives is the Pathlock Group, formed from seven leading IT security firms and now the global market leader in access orchestration and application security for mission-critical applications. One of these firms is the Hamburg-based SAST SOLUTIONS, an IT security specialist.
SAST SOLUTIONS and IBS Schreiber: New Technology Partnership for SAP Authorization Software
Hamburg, July 12, 2022: SAST SOLUTIONS, the Hamburg-based specialist for SAP security and access governance and part of the international Pathlock Group, together with IBS Schreiber, the SAP security and compliance specialist also based in Hamburg, will in future offer customers the integration of IBS Schreiber rule sets through the Easy Content Solution (ECS) software.
Pathlock Group News: Interview with the Security Guy TV about preventative controls, securing ERP systems, and data privacy
Pathlock’s Vice President of Product Strategy and Customer Experience, David Vincent, recently appeared on Security Guy TV to talk about how effective preventive controls and security measures at the data and transaction level play an important part in securing ERP systems. He also takes a deep dive into the important difference between data security and data privacy.
SAP S/4HANA migration and SAP Fiori implementation – six helpful best-practice tips
The fundamental question that many people ask before implementing SAP S/4HANA and deploying Fiori apps is “why?”. The option of using Fiori apps has been available for a while now, but the question as to why these new apps should be used usually doesn’t pop up until an SAP S/4HANA migration is planned.
Application security: SAST SOLUTIONS is now a global player with the Pathlock Group
SAST SOLUTIONS, your Hamburg-based specialist for SAP Security and Access Governance, is now part of the new Pathlock Group, a one-of-a-kind alliance of international providers of access governance and application security solutions. The alliance’s objective is to lift the understanding and scope of end-to-end security to a new level. Our CEO Bodo Kahl and CTO Ralf Kempf talk about the perspectives that will be opening up to SAST SOLUTIONS and its customers.
Security projects do not stop at the authorization concept
An end-to-end security strategy must also include regular checks, maintenance, and protection of authorizations, installations, and proprietary developments against internal and external threats – especially in an SAP landscape. But what roles do project organization and project management play when it comes to improving SAP security?
Important aspect of SAP data collection: S/4HANA embedded analytics uses the BI analysis “Authorizations”
Data collection and the subsequent analyses are important, complex processes; it’s difficult to imagine modern business processes without data analytics. To address customers’ specific needs, customer data is analyzed, material inventories are recorded automatically, and entire work processes are scrutinized to squeeze out efficiency gains. Important data collection also takes place within the SAP landscape, for example, with SAP S/4HANA embedded analytics. The check logic in the authorizations deserves special attention here.
SAP patch day: How an identified vulnerability paves the way for a patch
Every month, SAP publishes a collection of new and updated SAP Notes involving vulnerabilities in the SAP software on patch day. It’s a key date in the calendar for everyone concerned about security and the subsequent system patching is often very work-intensive and time-consuming. But where do the reports come from and how does SAP find out about them? Does the software vendor intentionally search for vulnerabilities to correct?