SAP Security and Hosting: Hacking 40 SAP Systems in One Fell Swoop

SAP Security and HostingIn spite of the hype surrounding the cloud, the on-premise model in which customers run their own SAP software is still the norm. However, that doesn’t rule out a service provider handling part of the operations; indeed, hosting is a widely used model, particularly among SMEs. While the roles at hand are usually clearly assigned in a hosting model like this, the same unfortunately doesn’t always apply to SAP system security.

Continue reading

SoD-Free User Management via Web Services

SAST User and Access ManagementManaging a large number of user accounts often presents companies with a major challenge. It’s particularly difficult when user identities need to be maintained in several systems, directory services, or databases. This frequently results in a lack of transparency, conflicts in the segregation of duties (SoD), and an increase in the effort required to address them.

Continue reading

SAP Security & Compliance: Challenges in the Context of S/4HANA, Code Security, and the Cloud

SAST DAYSThey say that major events cast a shadow that portends their arrival. In SAP environments, this applies in particular to the transition to S/4HANA, which companies will need to make before maintenance for SAP ERP expires in 2025.

As we covered this pending migration from various perspectives at our SAST DAYS 2019 event, interest in the topics of authorizations and code security was especially high. Let’s take a look back at those exciting days, which presented a balanced mix of current challenges and assorted solutions.

Continue reading

SAST WEBINARS: live and on demand

Abb_WebinareOur webinars offer you a forum in which you can get the answers to your specific questions about the latest topics in SAP Security & Compliance without having to invest a lot of time.

Are you unable to attend a live webinar? Our webinar archive allows you to individually schedule when you want to take advantage of our recommendations.

Check out our current topics.

Self-Adjusting Authorizations: SAST’s new tool intelligently slims down SAP roles

SAST-SUITE_Self-Adjusting AuthorizationsCompanies find themselves challenged again and again by the immense effort required to keep employee SAP authorizations up to date during day to day business. Our new SAST SUITE module, Self-Adjusting Authorizations, takes an intelligent approach to solving the most frequent problems: It removes unused transactions automatically, increasing both compliance security and protection against data misuse, in turn reducing administrative effort.

Continue reading

SAST Security Policies: Automation and more transparency thanks to new update features

SAST Security PolicySecurity policies allow companies to ensure compliance with data integrity, secrecy, availability and authenticity. Such policies are constantly being updated and scaled to keep up with changes to ongoing operations. When additional policies are added in compliance with guidelines – for example a software update or a DSAG audit, the policy must be compared. To date, this has required checks by hand. Since the Release 5.0 SAST SUITE offers solution, providing automatic identification and adoption of deltas where policies differ.

Continue reading

IT security for SAP landscapes with managed services

sast-managed servicesAs the years pass by, companies are increasingly facing the oft-lamented lack of experts. Bright minds thinking about information technology and how to implement it, maintain it and, especially, secure it, are far and few between. And the risks grow in line with the increasingly complex IT environment. Most IT departments are simply in over their heads in the face of this challenge. For this reason, security for systems and storage of critical company data is often pushed to the bottom of the to-do list.
Consider this: Managed services offer quick, and most importantly, secure solutions.
Continue reading