Unify cross-application SoD across your business landscape

SAST BLOG: Unify cross-application SoD across your business landscapeCross-application business processes have unlocked best-of-breed solutions but are introducing new access risks. The proliferation of these business processes has also shifted how organizations must address Segregation of Duties (SoD). Today’s security models span a variety of applications. This makes it critical for enterprises to identify SoD conflicts across apps and enable continuous controls monitoring to detect actual violations as they occur.

Continue reading

Business partners and the sneaky back door of the F4 search help: How to protect your sensitive data

SAST Blog: Business partners and the sneaky back door of the F4 search help: How to protect your sensitive dataSAP offers a consolidated data object, the business partner, to simplify the management of sensitive master data for customers, suppliers, and employees. This simplification also poses dangers, however. Therefore, all companies that plan to migrate to SAP S/4HANA should familiarize themselves with the business partner concept ahead of time.

Continue reading

Interview with Ralf Kempf about winning the “Top Identity and Access Management Solution Provider in Europe 2021” award

SAST Blog: Award win: Top IAM Solution Provider in Europe 2021.Last year came to a very pleasant end, as we won the award for “Top Identity and Access Management Solution Provider in Europe 2021”. The December issue of Enterprise Security Magazine reported extensively on our IAM solution and about the innovative features that make our software so unique. We interviewed Mr. Kempf to find out more about the software solution and the current technology trends.

Continue reading

How the skilled use of SAP wildcard characters can shed light on the analysis of the SAP authorization system

How the skilled use of SAP wildcard characters can shed light on the analysis of the SAP authorization systemFor SAP experts worldwide, data display tools like the Data Browser (SE16), Quick Viewer (SQVI), and Query Start (SQ00) are basic components of their everyday work. They have become accustomed to using selection screens, variants, and ALV functions in the output lists of the Data Browser. In this post, we’ll show you examples from the SAP authorization system that illustrate less well-known possibilities for finding what you need in large datasets through the skilled use of wildcard characters during selection.

Continue reading

SAST SOLUTIONS receives the award “Top Identity and Access Management Solution Provider in Europe 2021”

SAST Blog: Award win: Top IAM Solution Provider in Europe 2021.The december issue of Enterprise Security Magazine focuses on IAM solution providers in Europe. It aims to identify the emerging players in the IAM space and showcase their expertise in solving impediments and overcoming market complexities. We are delighted to have won with the topic “Real-Time Identity and Access Management for SAP Systems” the award for “Top IAM Solution Provider in Europe 2021” in this context!

Continue reading

Think about updating your authorization roles in your SAP S/4HANA project!

SAP S/4HANA authorizations: brownfield or greenfieldMany companies are currently faced with the task of converting their SAP systems to SAP S/4HANA, because their ERP maintenance will be discontinued in the foreseeable future. Project planning usually only takes technical and organizational aspects into account, however; crucial security topics aren’t given enough priority. As a result, the implementation of the authorization concept and adaptation of the authorization roles often end up at the end of the line.

Continue reading

Role conversion is anything but child’s play – but you can still execute your SAP S/4HANA authorization projects quickly and securely

Roozbeh Noori-Amoli (SAST SOLUTIONS)A survey was conducted during an ITOK expert talk on the greatest challenges for SAP security in March. It revealed that over half the participants see such challenges in the area of roles and authorizations. The integration of the authorization concept represents one of the core activities during SAP S/4HANA implementation and is a frequent reason for the failure of such projects as a whole. But how can you handle conflicts like resource bottlenecks, shifting priorities for subprojects, changes to tasks, and testing?

Continue reading