{"id":868,"date":"2019-05-20T10:00:44","date_gmt":"2019-05-20T08:00:44","guid":{"rendered":"https:\/\/sast-blog.akquinet.com\/?p=868"},"modified":"2021-04-22T14:02:37","modified_gmt":"2021-04-22T12:02:37","slug":"sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop","status":"publish","type":"post","link":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/20\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\/","title":{"rendered":"SAP Security and Hosting: Hacking 40 SAP Systems in One Fell Swoop"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"size-medium wp-image-869 alignleft\" src=\"https:\/\/sast-blog.akquinet.com\/wp-content\/uploads\/2019\/05\/Motiv_SAST_Bowling_72dpi_1901-300x187.jpg\" alt=\"SAP Security and Hosting\" width=\"300\" height=\"187\" srcset=\"https:\/\/sast-solutions.com\/blog-en\/wp-content\/uploads\/2019\/05\/Motiv_SAST_Bowling_72dpi_1901-300x187.jpg 300w, https:\/\/sast-solutions.com\/blog-en\/wp-content\/uploads\/2019\/05\/Motiv_SAST_Bowling_72dpi_1901-768x480.jpg 768w, https:\/\/sast-solutions.com\/blog-en\/wp-content\/uploads\/2019\/05\/Motiv_SAST_Bowling_72dpi_1901.jpg 850w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/>In spite of the hype surrounding the cloud, the on-premise model in which customers run their own SAP software is still the norm. However, that doesn\u2019t rule out a service provider handling part of the operations; indeed, hosting is a widely used model, particularly among SMEs. While the roles at hand are usually clearly assigned in a hosting model like this, the same unfortunately doesn&#8217;t always apply to SAP system security.<\/p>\n<p><!--more--><\/p>\n<h2><strong>Why your hosting provider may not be as secure as you might think<\/strong><\/h2>\n<p>A penetration test carried out by AKQUINET brings this problem into focus. When a customer tasked us with breaking into its SAP system, it took just over an hour for us to report that we\u2019d gained full access to Solution Manager. This came as something of a surprise to the customer, which informed us that it didn&#8217;t even run Solution Manager itself; it was meant to be one of its hosting provider&#8217;s responsibilities. We then expanded our pen test \u2013 and suddenly had access to the SAP systems of more than 40 customers!<\/p>\n<p>We should mention that this episode took place some time ago and isn&#8217;t representative of the largely excellent infrastructure that hosting providers offer. That said, it does underscore the fact that the contracts between customers and service providers (also known as service level agreements, or SLAs) often fail to sufficiently cover the topic of security. To understand why, we\u2019ll need to take a moment to explore the various models available from hosting providers. Two variants are generally the most prominent in this context: The hosting company either handles the hardware alone, or takes care of SAP Basis operations, as well.<\/p>\n<h2><strong>In securing SAP systems, many things are unclear between customers and hosting providers<\/strong><\/h2>\n<p>Both of these variants present a great deal of potential for aspects that haven\u2019t been considered regarding system security. In the former case, the provider is clearly responsible for the security of the server, network, and operating system at hand. But what about the SAP system settings that access one of these components? To take one example, is SAP Gateway the customer&#8217;s responsibility even though a file (in purely physical terms) is located directly within the operating system in this case? What about securing the database and database user for the SAP system?<\/p>\n<p>If the provider also runs the SAP system in question, it gets even more complicated. Roles and authorizations should then be defined and implemented by the customer, for instance. And what should be done about critical combinations of authorizations that could theoretically facilitate unfettered access to the SAP Basis? Does this fall within the customer&#8217;s purview, or the hosting provider&#8217;s? What about the applications the customer has developed that require access to the file system or web services? In times marked by UI5 and browser access, it&#8217;s a question that&#8217;s very much of the moment.<\/p>\n<h2><strong>Clear responsibilities lead to greater SAP security<\/strong><\/h2>\n<p>To avoid the related risks that can result from poorly defined responsibilities, customers and their hosting providers should always discuss security before implementing their arrangements. The standards and guidelines available from SAP itself or the DSAG&#8217;s audit guidelines are good places to start when clearly delineating which party is in charge of which tasks. Another element should involve ongoing efforts to safeguard not just the usual infrastructure components, but SAP systems, as well.<\/p>\n<p>In <a href=\"https:\/\/www.sast-solutions.de\/en\/sast-suite\/sap-security-intelligence\/index.jsp\" target=\"_blank\" rel=\"noopener noreferrer\">Security Radar<\/a> (which is part of SAST SUITE), we offer a monitoring solution for this purpose that also analyzes your current security status through the other modules of the suite and makes it available to you at regular intervals. This makes it possible to clear up any discrepancies between you and your provider in short order.<\/p>\n<p>Would you like more information on our SAST SUITE or would you like to find out more about ALL ROUND protection of your SAP systems? Check out our <a href=\"https:\/\/www.sast-solutions.de\/index-2.jsp\" target=\"_blank\" rel=\"noopener noreferrer\">SAST SOLUTIONS website<\/a> or send us an e-mail us at <a href=\"mailto:sast@akquinet.de\">sast@akquinet.de<\/a>.<\/p>\n<p>You\u2019ll also find a webinar on this subject in our SAST webinar archive. To request the link to the recordings, please click here: <a href=\"http:\/\/analytics-eu.clickdimensions.com\/cn\/a2eyg\/webinare-on-demand\" target=\"_blank\" rel=\"noopener noreferrer\">SAST webinars on-demand<\/a>.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-690\" src=\"https:\/\/sast-blog.akquinet.com\/wp-content\/uploads\/2018\/10\/Autor_Patrick_Boch-300x200.jpg\" alt=\"SAST SOLUTIONS Patrick Boch\" width=\"300\" height=\"200\" \/><br \/>\n<strong>Patrick Boch, Product Manager SAST SOLUTIONS<\/strong><\/p>\n<p><strong>\u00a0<\/strong><\/p>\n<h2><strong>Related articles in the SAST BLOG<\/strong><\/h2>\n<p><a href=\"https:\/\/sast-blog.akquinet.com\/2019\/05\/10\/10kblaze-sap-security\/\">10KBLAZE and SAP Security I: All Quiet on the Western Front<\/a><\/p>\n<p><a href=\"https:\/\/sast-blog.akquinet.com\/2019\/02\/01\/step-by-step-secure-sap-gateway\/\">One step at a time: How to secure and harden your SAP Gateway<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In spite of the hype surrounding the cloud, the on-premise model in which customers run their own SAP software is still the norm. However, that doesn\u2019t rule out a service provider handling part of the operations; indeed, hosting is a widely used model, particularly among SMEs. While the roles at hand are usually clearly assigned [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[25,156,58,114],"class_list":["post-868","post","type-post","status-publish","format-standard","hentry","category-sap-threat-detection","tag-cyber-attack","tag-cyber-security","tag-real-time-monitoring","tag-threat-detection"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>SAP Security and Hosting: Hacking 40 SAP Systems in One Fell Swoop<\/title>\n<meta name=\"description\" content=\"Ensure SAP security with clear responsibilities between you and your hosting provider - so you don&#039;t fall victim to a hacker attack.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/20\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SAP Security and Hosting: Hacking 40 SAP Systems in One Fell Swoop\" \/>\n<meta property=\"og:description\" content=\"Ensure SAP security with clear responsibilities between you and your hosting provider - so you don&#039;t fall victim to a hacker attack.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/20\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\/\" \/>\n<meta property=\"og:site_name\" content=\"SAST BLOG\" \/>\n<meta property=\"article:published_time\" content=\"2019-05-20T08:00:44+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-04-22T12:02:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/sast-solutions.com\/blog-en\/wp-content\/uploads\/2019\/05\/Motiv_SAST_Bowling_72dpi_1901.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"850\" \/>\n\t<meta property=\"og:image:height\" content=\"531\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"securityblog\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"SAP Security and Hosting: Hacking 40 SAP Systems in One Fell Swoop\" \/>\n<meta name=\"twitter:description\" content=\"Ensure SAP security with clear responsibilities between you and your hosting provider - so you don&#039;t fall victim to a hacker attack.\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/sast-solutions.com\/blog-en\/wp-content\/uploads\/2019\/05\/Motiv_SAST_Bowling_72dpi_1901.jpg\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"securityblog\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2019\\\/05\\\/20\\\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2019\\\/05\\\/20\\\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\\\/\"},\"author\":{\"name\":\"securityblog\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#\\\/schema\\\/person\\\/cd70e3749cca136a7e8a37dc1d3cfc26\"},\"headline\":\"SAP Security and Hosting: Hacking 40 SAP Systems in One Fell Swoop\",\"datePublished\":\"2019-05-20T08:00:44+00:00\",\"dateModified\":\"2021-04-22T12:02:37+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2019\\\/05\\\/20\\\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\\\/\"},\"wordCount\":742,\"publisher\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2019\\\/05\\\/20\\\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/sast-blog.akquinet.com\\\/wp-content\\\/uploads\\\/2019\\\/05\\\/Motiv_SAST_Bowling_72dpi_1901-300x187.jpg\",\"keywords\":[\"Cyber Attack\",\"Cyber Security\",\"Real-time monitoring\",\"Threat Detection\"],\"articleSection\":[\"SAP Threat Detection\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2019\\\/05\\\/20\\\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\\\/\",\"url\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2019\\\/05\\\/20\\\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\\\/\",\"name\":\"SAP Security and Hosting: Hacking 40 SAP Systems in One Fell Swoop\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2019\\\/05\\\/20\\\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2019\\\/05\\\/20\\\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/sast-blog.akquinet.com\\\/wp-content\\\/uploads\\\/2019\\\/05\\\/Motiv_SAST_Bowling_72dpi_1901-300x187.jpg\",\"datePublished\":\"2019-05-20T08:00:44+00:00\",\"dateModified\":\"2021-04-22T12:02:37+00:00\",\"description\":\"Ensure SAP security with clear responsibilities between you and your hosting provider - so you don't fall victim to a hacker attack.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2019\\\/05\\\/20\\\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2019\\\/05\\\/20\\\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2019\\\/05\\\/20\\\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\\\/#primaryimage\",\"url\":\"https:\\\/\\\/sast-blog.akquinet.com\\\/wp-content\\\/uploads\\\/2019\\\/05\\\/Motiv_SAST_Bowling_72dpi_1901-300x187.jpg\",\"contentUrl\":\"https:\\\/\\\/sast-blog.akquinet.com\\\/wp-content\\\/uploads\\\/2019\\\/05\\\/Motiv_SAST_Bowling_72dpi_1901-300x187.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/2019\\\/05\\\/20\\\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SAP Security and Hosting: Hacking 40 SAP Systems in One Fell Swoop\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#website\",\"url\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/\",\"name\":\"SAST BLOG\",\"description\":\"SAP Security &amp; Compliance\",\"publisher\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#organization\",\"name\":\"SAST BLOG\",\"url\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/wp-content\\\/uploads\\\/2021\\\/03\\\/sast-solutions-logo.png\",\"contentUrl\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/wp-content\\\/uploads\\\/2021\\\/03\\\/sast-solutions-logo.png\",\"width\":358,\"height\":155,\"caption\":\"SAST BLOG\"},\"image\":{\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/sast-solutions.com\\\/blog-en\\\/#\\\/schema\\\/person\\\/cd70e3749cca136a7e8a37dc1d3cfc26\",\"name\":\"securityblog\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"SAP Security and Hosting: Hacking 40 SAP Systems in One Fell Swoop","description":"Ensure SAP security with clear responsibilities between you and your hosting provider - so you don't fall victim to a hacker attack.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/20\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\/","og_locale":"en_US","og_type":"article","og_title":"SAP Security and Hosting: Hacking 40 SAP Systems in One Fell Swoop","og_description":"Ensure SAP security with clear responsibilities between you and your hosting provider - so you don't fall victim to a hacker attack.","og_url":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/20\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\/","og_site_name":"SAST BLOG","article_published_time":"2019-05-20T08:00:44+00:00","article_modified_time":"2021-04-22T12:02:37+00:00","og_image":[{"width":850,"height":531,"url":"https:\/\/sast-solutions.com\/blog-en\/wp-content\/uploads\/2019\/05\/Motiv_SAST_Bowling_72dpi_1901.jpg","type":"image\/jpeg"}],"author":"securityblog","twitter_card":"summary_large_image","twitter_title":"SAP Security and Hosting: Hacking 40 SAP Systems in One Fell Swoop","twitter_description":"Ensure SAP security with clear responsibilities between you and your hosting provider - so you don't fall victim to a hacker attack.","twitter_image":"https:\/\/sast-solutions.com\/blog-en\/wp-content\/uploads\/2019\/05\/Motiv_SAST_Bowling_72dpi_1901.jpg","twitter_misc":{"Written by":"securityblog","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/20\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\/#article","isPartOf":{"@id":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/20\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\/"},"author":{"name":"securityblog","@id":"https:\/\/sast-solutions.com\/blog-en\/#\/schema\/person\/cd70e3749cca136a7e8a37dc1d3cfc26"},"headline":"SAP Security and Hosting: Hacking 40 SAP Systems in One Fell Swoop","datePublished":"2019-05-20T08:00:44+00:00","dateModified":"2021-04-22T12:02:37+00:00","mainEntityOfPage":{"@id":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/20\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\/"},"wordCount":742,"publisher":{"@id":"https:\/\/sast-solutions.com\/blog-en\/#organization"},"image":{"@id":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/20\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\/#primaryimage"},"thumbnailUrl":"https:\/\/sast-blog.akquinet.com\/wp-content\/uploads\/2019\/05\/Motiv_SAST_Bowling_72dpi_1901-300x187.jpg","keywords":["Cyber Attack","Cyber Security","Real-time monitoring","Threat Detection"],"articleSection":["SAP Threat Detection"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/20\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\/","url":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/20\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\/","name":"SAP Security and Hosting: Hacking 40 SAP Systems in One Fell Swoop","isPartOf":{"@id":"https:\/\/sast-solutions.com\/blog-en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/20\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\/#primaryimage"},"image":{"@id":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/20\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\/#primaryimage"},"thumbnailUrl":"https:\/\/sast-blog.akquinet.com\/wp-content\/uploads\/2019\/05\/Motiv_SAST_Bowling_72dpi_1901-300x187.jpg","datePublished":"2019-05-20T08:00:44+00:00","dateModified":"2021-04-22T12:02:37+00:00","description":"Ensure SAP security with clear responsibilities between you and your hosting provider - so you don't fall victim to a hacker attack.","breadcrumb":{"@id":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/20\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/sast-solutions.com\/blog-en\/2019\/05\/20\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/20\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\/#primaryimage","url":"https:\/\/sast-blog.akquinet.com\/wp-content\/uploads\/2019\/05\/Motiv_SAST_Bowling_72dpi_1901-300x187.jpg","contentUrl":"https:\/\/sast-blog.akquinet.com\/wp-content\/uploads\/2019\/05\/Motiv_SAST_Bowling_72dpi_1901-300x187.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/sast-solutions.com\/blog-en\/2019\/05\/20\/sap-security-and-hosting-hacking-40-sap-systems-in-one-fell-swoop\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/sast-solutions.com\/blog-en\/"},{"@type":"ListItem","position":2,"name":"SAP Security and Hosting: Hacking 40 SAP Systems in One Fell Swoop"}]},{"@type":"WebSite","@id":"https:\/\/sast-solutions.com\/blog-en\/#website","url":"https:\/\/sast-solutions.com\/blog-en\/","name":"SAST BLOG","description":"SAP Security &amp; Compliance","publisher":{"@id":"https:\/\/sast-solutions.com\/blog-en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/sast-solutions.com\/blog-en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/sast-solutions.com\/blog-en\/#organization","name":"SAST BLOG","url":"https:\/\/sast-solutions.com\/blog-en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sast-solutions.com\/blog-en\/#\/schema\/logo\/image\/","url":"https:\/\/sast-solutions.com\/blog-en\/wp-content\/uploads\/2021\/03\/sast-solutions-logo.png","contentUrl":"https:\/\/sast-solutions.com\/blog-en\/wp-content\/uploads\/2021\/03\/sast-solutions-logo.png","width":358,"height":155,"caption":"SAST BLOG"},"image":{"@id":"https:\/\/sast-solutions.com\/blog-en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/sast-solutions.com\/blog-en\/#\/schema\/person\/cd70e3749cca136a7e8a37dc1d3cfc26","name":"securityblog"}]}},"_links":{"self":[{"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/posts\/868","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/comments?post=868"}],"version-history":[{"count":3,"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/posts\/868\/revisions"}],"predecessor-version":[{"id":1276,"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/posts\/868\/revisions\/1276"}],"wp:attachment":[{"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/media?parent=868"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/categories?post=868"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sast-solutions.com\/blog-en\/wp-json\/wp\/v2\/tags?post=868"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}