SAP Notes are SAP’s standard tool for supplying coding corrections. Alongside a description of the issue from a business perspective, they also include the technical solution. Security considerations also make them increasingly important for any SAP system landscape, as they provide a regular and prompt means of closing critical vulnerabilities in SAP systems, for example. The SAP Netweaver Download Service offers a number of advantages in relation to SAP Notes.
SAP Security
Interview: How application security and controls automation can enable business performance
Expert Insights sat down with our Pathlock’s Chief Marketing Officer, Mike Puterbaugh, in an exclusive interview to discuss how organizations can leverage application security and controls automation not only to improve their resilience against cyberthreats, but also to enable business performance.
Read the full interview at: https://lnkd.in/gKPZxqZM
Press release: Global security alliances in cyber warfare
In the current Digital Defense Report, Brad Smith, President of Microsoft, called for international collaboration and coalitions for a “new form of collective defense” as a comprehensive strategy against the full spectrum of destructive cyberattacks, espionage, and interference. One of the first and largest of these cyber warfare initiatives is the Pathlock Group, formed from seven leading IT security firms and now the global market leader in access orchestration and application security for mission-critical applications. One of these firms is the Hamburg-based SAST SOLUTIONS, an IT security specialist.
Security projects do not stop at the authorization concept
An end-to-end security strategy must also include regular checks, maintenance, and protection of authorizations, installations, and proprietary developments against internal and external threats – especially in an SAP landscape. But what roles do project organization and project management play when it comes to improving SAP security?
SAP patch day: How an identified vulnerability paves the way for a patch
Every month, SAP publishes a collection of new and updated SAP Notes involving vulnerabilities in the SAP software on patch day. It’s a key date in the calendar for everyone concerned about security and the subsequent system patching is often very work-intensive and time-consuming. But where do the reports come from and how does SAP find out about them? Does the software vendor intentionally search for vulnerabilities to correct?
SAP February patch day: Highly critical vulnerability in core component threatens central SAP products (key word: ICMAD) – act immediately!
A major security vulnerability, which has been assigned a top severity rating, threatens SAP ERP 6.0, S/4HANA, NetWeaver, and Web Dispatcher, among others. The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has issued an alert warning of potential attacks on SAP products. Patch your SAP systems IMMEDIATELY!
SAP security: Why SIEM doesn’t spot everything and how you can draw attention to SAP incidents nonetheless
Standard SIEM monitoring is often insufficient to ensure SAP security, because the specific SAP logs and analyses can’t be interpreted and, consequently, attack patterns cannot be identified or recognized. Why this is the case, what companies can do to integrate SAP in their monitoring nonetheless, and why this end-to-end safeguarding can deliver additional benefits – our CTO Ralf Kempf explains it all in an article for it management magazine.
Trusted system relationships simplify the logon procedure for RFC communication – but how sensible and secure is their use?
The RFC (Remote Function Call) is the main SAP technology for exchanging data between SAP systems. In addition to standard RFC connections, it is also possible to configure trusted relationships. In our technology tip, find out when you should use trusted system relationships and how you can use them securely.
Get your SAP S/4HANA migration into high gear with a sound security strategy
Seize the opportunity to take your SAP S/4HANA migration to a new level with a cleanly designed, holistically planned security and compliance strategy. After all, having structured plans from the start will reduce the workload in the long term. That’s why you should ultimately see this challenge as an opportunity as well: to improve the security of your SAP systems, streamline your role concepts, and enable use of the new system with all its benefits.
Act immediately to remedy the Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Knowledge Management!
Information just now officially provided as part of the November SAP Patchday describes a new critical vulnerability: The SAP Security Note 2928635 (CVE-2020-6284) is a Cross-Site Scripting vulnerability (XSS) in SAP NetWeaver Knowledge Management. Act now to close the loophole!