SAST DAYS 2022: Register now

SAST DAYSAs part of our “SAST DAYS” series, we regularly inform you about current developments and upcoming trends in the area of SAP Cyber Security & Access Governance and offer a forum for an active exchange.

This year, the events will take place live in Munich and Hanover. The event language is German.

Register now as a participant, as the places are limited as usual.

Pathlock Group News: Interview with the Security Guy TV about preventative controls, securing ERP systems, and data privacy

Interview Video PLG ENPathlock’s Vice President of Product Strategy and Customer Experience, David Vincent, recently appeared on Security Guy TV to talk about how effective preventive controls and security measures at the data and transaction level play an important part in securing ERP systems. He also takes a deep dive into the important difference between data security and data privacy.

Continue reading

Application security: SAST SOLUTIONS is now a global player with the Pathlock Group

SAST Blog: Application security: SAST SOLUTIONS is now a global player with the Pathlock GroupSAST SOLUTIONS, your Hamburg-based specialist for SAP Security and Access Governance, is now part of the new Pathlock Group, a one-of-a-kind alliance of international providers of access governance and application security solutions. The alliance’s objective is to lift the understanding and scope of end-to-end security to a new level. Our CEO Bodo Kahl and CTO Ralf Kempf talk about the perspectives that will be opening up to SAST SOLUTIONS and its customers.

Continue reading

Important aspect of SAP data collection: S/4HANA embedded analytics uses the BI analysis “Authorizations”

SAST Blog: Important aspect of SAP data collection: S/4HANA embedded analytics uses the BI analysis “Authorizations”Data collection and the subsequent analyses are important, complex processes; it’s difficult to imagine modern business processes without data analytics. To address customers’ specific needs, customer data is analyzed, material inventories are recorded automatically, and entire work processes are scrutinized to squeeze out efficiency gains. Important data collection also takes place within the SAP landscape, for example, with SAP S/4HANA embedded analytics. The check logic in the authorizations deserves special attention here.

Continue reading

SAP patch day: How an identified vulnerability paves the way for a patch

SAST Blog Security-AlertEvery month, SAP publishes a collection of new and updated SAP Notes involving vulnerabilities in the SAP software on patch day. It’s a key date in the calendar for everyone concerned about security and the subsequent system patching is often very work-intensive and time-consuming. But where do the reports come from and how does SAP find out about them? Does the software vendor intentionally search for vulnerabilities to correct?

Continue reading

Typical pitfalls of SAP S/4HANA migration: Changes in the file structure of the SAP S/4HANA application server cause negative side-effects

SAST Blog: Typical pitfalls of SAP S/4HANA migration: Changes in the file structure of the SAP S/4HANA application server cause negative side-effectsIn its S/4HANA release, SAP follows a strategy of process simplification and greater usability, among others. At the technical level, new layers such as the SAP Fiori Front-end Server, SAP Fiori launchpad, and SAP Fiori apps were created. The authorizations of these objects require particular attention to avoid nasty surprises as the project progresses. One specific pitfall is the changed file structure on the new application server.

Continue reading

Business partners and the sneaky back door of the F4 search help: How to protect your sensitive data

SAST Blog: Business partners and the sneaky back door of the F4 search help: How to protect your sensitive dataSAP offers a consolidated data object, the business partner, to simplify the management of sensitive master data for customers, suppliers, and employees. This simplification also poses dangers, however. Therefore, all companies that plan to migrate to SAP S/4HANA should familiarize themselves with the business partner concept ahead of time.

Continue reading

Interview with Ralf Kempf about winning the “Top Identity and Access Management Solution Provider in Europe 2021” award

SAST Blog: Award win: Top IAM Solution Provider in Europe 2021.Last year came to a very pleasant end, as we won the award for “Top Identity and Access Management Solution Provider in Europe 2021”. The December issue of Enterprise Security Magazine reported extensively on our IAM solution and about the innovative features that make our software so unique. We interviewed Mr. Kempf to find out more about the software solution and the current technology trends.

Continue reading