Vulnerability Scan, Audit, or Penetration Test: Find the right method for identifying vulnerabilities.

SAST Blog: Vulnerability Scan, Security Audit, or Penetration Test: Finding the Right Method for Identifying Vulnerabilities. There are many methods for assessing the risk potential of SAP landscapes and identifying potential vulnerabilities, so it isn’t always easy to keep track of all the alternatives. Options range from vulnerability scans to audits and penetration tests. But which approach is the right one for identifying vulnerabilities depends entirely on your individual requirements.

Continue reading

How to plan and carry out your SAP System Audit with SAST Risk and Compliance Management

SAST Blog: How to Plan and Carry Out Your SAP System Audit with SAST Risk and Compliance ManagementThe complexity of SAP systems often makes it difficult for administrators to keep track of all their facets. How can an SAP system audit be planned constructively, for example? The SAST SUITE gives you sophisticated analysis methods to identify vulnerabilities quickly, before they can be exploited. The SAST SUITE also offers a wide variety of functions for analyzing and increasing the security of your SAP systems.

Continue reading

Speed up development of framework and application authorization concepts for SAP ERP and S/4HANA

SAST Blog: Speed Up Development of Framework and Application Authorization Concepts for SAP ERP and S/4HANACompanies that use SAP are required to describe controls and procedures in documents that reflect the current status of the system and the general compliance guidelines. The concepts for framework and application authorizations are essential elements of this documentation, for both internal requirements and annual reviews by external auditors. Good documentation templates can help get you where you need to go much more quickly.

Continue reading

SAP home goes rogue – preventable attack vectors through the SAP GUI

SAST Blog: SAP Home Goes Rogue – Preventable Attack Vectors Through the SAP GUIIn most cases, enterprise networks are infected as a result of human error. Employees click on spoofed links, accidentally reveal their passwords to third parties, or open a file that contains unexpected malware. In attack vectors involving the SAP GUI, employees are often not to blame, because an incorrectly configured SAP system is enough to enable damage to the IT landscape.

Continue reading

How to optimize your SAP Authorization Management in times of crisis

SAST Blog: How to Optimize your SAP Authorization Management in Times of CrisisWith the economic restrictions and challenges these are creating, the COVID-19 pandemic continues to be the determining factor in both business and our personal lives. And as far as we currently know, this situation will continue for quite some time. What companies need now is adjusted SAP authorization management for times of crisis, to ensure that employees can take over important tasks from colleagues as quickly as possible and without constraints on day-to-day business.

Continue reading

Rent an admin: with our SAST Managed Services we can guarantee the security of your SAP systems in these times of crisis

SAST blog: Managed service in times of crisis - Remotely or On CallThe current situation is forcing companies around the world to find and implement alternative solutions to maintain operations of their SAP systems and business processes. The SAST team is your reliable partner, especially in times of crisis. This is because providing remote support for our SAP customers what we do every day. Our SAST Managed Service puts us in the best possible and reliable position to help you in times of crisis!

Continue reading

How to define the right defaults for a framework authorization structure of your SAP HANA database

SAST BLOG: Framework authorization structure for the SAP HANA database – defining the right defaults SAP HANA is based on an in-memory technology concept for data storage. This makes it possible to analyze large, non-aggregated datasets flexibly with extremely short processing times. Since data processing in SAP HANA differs significantly from that in SAP NetWeaver, it has its own user management and authorization system. But which default settings are needed for the SAP HANA authorizations?

Continue reading

Configuring and assigning SAP authorizations in SAP Fiori apps

SAST Blog: Configuring and Assigning SAP Authorizations in SAP Fiori AppsFor a number of years now, SAP has been pursuing a new strategy for how SAP users interact with its software. Complex SAP applications are being subdivided into role-based SAP Fiori apps, with the aim improving user friendliness while also enhancing the user experience. A rising number of companies are considering implementation of SAP Fiori apps and are now faced with determining which authorizations must be allocated to their employees for access to the app.

Continue reading