10KBlaze and SAP Security II: Hype & Scaremongering

10KBlaze & SAP Security: Serpenteq(Partner blog post of SERPENTEQ GmbH)
On April 19, 2019, at the OPCDE Cyber Security conference in Dubai, security researchers Dmitry Chastuhin and Mathieu Geli gave a presentation called “SAP gateway to Heaven”. They re-visited two configuration issues (related to SAP Gateway and SAP Message Server) that have been known for many years and for which detailed security guidelines have been available for years. Now the researchers applied some admirably creative thinking to combine them.

Continue reading

Why passwords are pricey – and how you can still keep costs down

SAST Password Reset for SAPA password is both a blessing and a curse. The blessing is that it permits relatively secure authentication. The curse is that because the complex passwords required for secure login are often too hard to remember, even for those with good memories. A forgotten password is annoying for users. It also costs a lot of money. Read more to learn just how high the costs can be and how you can avoid them.

Continue reading

Awarded as “Top 10 Cyber Security Company in Europe”

Top10 CyberSecurity Companies Europe 2018

In cooperation with Enterprise Security Magazine, a distinguished panel of experts, professionals, and technology leaders has selected AKQUINET and their SAST SOLUTIONS into the list of the “Top 10 Cyber Security Companies in Europe”.

In the cover story of the magazine , Ralf Kempf (Technical Managing Director) reports what makes SAST SOLUTIONS special and why the topic of cyber security for SAP systems is up-to-date and will remain in future. Read the November edition of Enterprise Security Magazine now.

The State of SAP Security 2018: Between platform security, authorization management and S/4 HANA migration

SAST_HANA_S4HIt’s probably too early to sum up the state of SAP security in 2018. Then again, fall is the season for events such as the DSAG Annual Congress (German SAP User Group), which just ended in Leipzig. It is at conferences and trade fairs like this that you get a chance to find out exactly what is on the minds of SAP customers. As a result, it isn’t too soon to get a reading of the security issues that are considered important in the SAP environment.

Continue reading

Are you really that attached to your ABAP security flaws, or is it time to say goodbye?

SAST Code Security AdvisorAlmost all companies fine-tune their SAP systems with custom developments, but in doing so, they often expose themselves to severe security flaws. In particular, forgotten code that was only needed for a short time or has since been rendered obsolete by SAP’s own enhancements presents a further avenue for attacks.

AKQUINET’s analyses show that up to 90% of ABAP code is no longer used. Frequently written for one-time situations and neglected ever since, such programming offers an ideal back door for hacking and other forms of manipulation.

Continue reading

Code injection by logical databases

SAST Code Security AdvisorLogical databases were once very popular. Complex selections were relatively easy to portray and effort-intensive reports were unnecessary. Users also appreciated the way dynamic selection worked, which encouraged developers to use the technique more and more. Starting from Version 7.50, SAP has now declared logical databases obsolete. Consequently, it advised against creating new logical databases, but allowed the old ones to continue as if nothing had happened. This, however, is a security risk that could impact any report.

Continue reading

An example from practice: A holistic, professional approach to safeguarding SAP landscapes

SAST SOLUTIONSMany companies work with internal solutions to safeguard their SAP landscapes. However, operating systems, databases and SAP systems, especially those at large companies or even international groups, can have very complex IT landscapes – and are often insufficiently protected against unauthorized attempts to access these landscapes. This used to be the situation at a leading global automotive supplier. Now, the company relies on SAST SUITE from AKQUINET to safeguard its SAP landscapes.

Continue reading

AKQUINET SAST SOLUTIONS to partner with Snow Software

Partner AKQUINET SAST SOLUTIONS & SnowHow SAP licenses are assigned is an essential subject for companies. Likewise, authorization management and license optimization play crucial roles that, unfortunately, often take a back seat to day-to-day business and are subject to poor communication between the respective experts. Effective immediately, the partnership between Snow Software, a leading provider of software asset management (SAM) and cloud spend solutions based in Stockholm, Sweden, and akquinet AG will provide relief.

Continue reading

SAST Security Policies: Automation and more transparency thanks to new update features

SAST Security PolicySecurity policies allow companies to ensure compliance with data integrity, secrecy, availability and authenticity. Such policies are constantly being updated and scaled to keep up with changes to ongoing operations. When additional policies are added in compliance with guidelines – for example a software update or a DSAG audit, the policy must be compared. To date, this has required checks by hand. Since the Release 5.0 SAST SUITE offers solution, providing automatic identification and adoption of deltas where policies differ.

Continue reading