In cooperation with Enterprise Security Magazine, a distinguished panel of experts, professionals, and technology leaders has selected AKQUINET and their SAST SOLUTIONS into the list of the “Top 10 Cyber Security Companies in Europe”.
In the cover story of the magazine , Ralf Kempf (Technical Managing Director) reports what makes SAST SOLUTIONS special and why the topic of cyber security for SAP systems is up-to-date and will remain in future. Read the November edition of Enterprise Security Magazine now.
Did you know that you can distribute licenses easily and automatically via RFC starting from SAST SUITE Release 5.0?
Almost all companies fine-tune their SAP systems with custom developments, but in doing so, they often expose themselves to severe security flaws. In particular, forgotten code that was only needed for a short time or has since been rendered obsolete by SAP’s own enhancements presents a further avenue for attacks.
Logical databases were once very popular. Complex selections were relatively easy to portray and effort-intensive reports were unnecessary. Users also appreciated the way dynamic selection worked, which encouraged developers to use the technique more and more. Starting from Version 7.50, SAP has now declared logical databases obsolete. Consequently, it advised against creating new logical databases, but allowed the old ones to continue as if nothing had happened. This, however, is a security risk that could impact any report.
Many companies work with internal solutions to safeguard their SAP landscapes. However, operating systems, databases and SAP systems, especially those at large companies or even international groups, can have very complex IT landscapes – and are often insufficiently protected against unauthorized attempts to access these landscapes. This used to be the situation at a leading global automotive supplier. Now, the company relies on SAST SUITE from AKQUINET to safeguard its SAP landscapes.
How SAP licenses are assigned is an essential subject for companies. Likewise, authorization management and license optimization play crucial roles that, unfortunately, often take a back seat to day-to-day business and are subject to poor communication between the respective experts. Effective immediately, the partnership between 
Security policies allow companies to ensure compliance with data integrity, secrecy, availability and authenticity. Such policies are constantly being updated and scaled to keep up with changes to ongoing operations. When additional policies are added in compliance with guidelines – for example a software update or a DSAG audit, the policy must be compared. To date, this has required checks by hand. Since the 
As the years pass by, companies are increasingly facing the oft-lamented lack of experts. Bright minds thinking about information technology and how to implement it, maintain it and, especially, secure it, are far and few between. And the risks grow in line with the increasingly complex IT environment. Most IT departments are simply in over their heads in the face of this challenge. For this reason, security for systems and storage of critical company data is often pushed to the bottom of the to-do list.
Time and again, we’ve seen subpar handling of risk resolution in practice for RFC interfaces, with no guarantee for maintaining proper and secure operating conditions.