Adapting authorization management in a central hub SAP S/4HANA system – save valuable time with the right strategy and the right administration tool.

SAST Blog: Adapting authorization management in a central hub SAP S/4HANA system When setting up an SAP S/4HANA system landscape, you have the option of establishing a front-end system as the central, superordinate system that accesses different back-end systems. To do this, you have to consider and logically design many factors in advance. In addition to the technical prerequisites, the role and authorization concepts have to be revised. But how can you adapt authorization management in an SAP S/4HANA system with little effort?

Continue reading

Vulnerability Scan, Audit, or Penetration Test: Find the right method for identifying vulnerabilities.

SAST Blog: Vulnerability Scan, Security Audit, or Penetration Test: Finding the Right Method for Identifying Vulnerabilities. There are many methods for assessing the risk potential of SAP landscapes and identifying potential vulnerabilities, so it isn’t always easy to keep track of all the alternatives. Options range from vulnerability scans to audits and penetration tests. But which approach is the right one for identifying vulnerabilities depends entirely on your individual requirements.

Continue reading

Speed up development of framework and application authorization concepts for SAP ERP and S/4HANA

SAST Blog: Speed Up Development of Framework and Application Authorization Concepts for SAP ERP and S/4HANACompanies that use SAP are required to describe controls and procedures in documents that reflect the current status of the system and the general compliance guidelines. The concepts for framework and application authorizations are essential elements of this documentation, for both internal requirements and annual reviews by external auditors. Good documentation templates can help get you where you need to go much more quickly.

Continue reading

SAP home goes rogue – preventable attack vectors through the SAP GUI

SAST Blog: SAP Home Goes Rogue – Preventable Attack Vectors Through the SAP GUIIn most cases, enterprise networks are infected as a result of human error. Employees click on spoofed links, accidentally reveal their passwords to third parties, or open a file that contains unexpected malware. In attack vectors involving the SAP GUI, employees are often not to blame, because an incorrectly configured SAP system is enough to enable damage to the IT landscape.

Continue reading

Rent an admin: with our SAST Managed Services we can guarantee the security of your SAP systems in these times of crisis

SAST blog: Managed service in times of crisis - Remotely or On CallThe current situation is forcing companies around the world to find and implement alternative solutions to maintain operations of their SAP systems and business processes. The SAST team is your reliable partner, especially in times of crisis. This is because providing remote support for our SAP customers what we do every day. Our SAST Managed Service puts us in the best possible and reliable position to help you in times of crisis!

Continue reading

SAP Security: five ways to make sure you’ll be hacked

Hacker attacks threaten SAP security: All alarmist nonsense?(A guide of the less serious sort.)
Let’s be honest right off the bat: There’s a lot of hype in the media about IT security in general and SAP security in special these days. But is there really anything behind it? Those headlines about millions of data records going missing always affect someone else – whether it’s Equifax across the pond or the big tech companies that have been infiltrated by organized groups of Chinese hackers. It’s all alarmist nonsense!

Continue reading

SAP Security & Compliance: “Customers need Solution Providers.”

SAST SOLUTIONS from AKQUINET honored with Softshell Vendor Award in GoldStarted with two modules in 2006, the SAST SOLUTIONS portfolio now comprises a comprehensive combination of software, consulting and service, and offers a holistic solution for safeguarding SAP systems. In this interview, Managing Director Bodo Kahl talks about the topics that concern himself as well as the entire industry, and describes the qualities that characterize a good service provider for SAP security and compliance today.

Continue reading

10KBlaze and SAP Security II: Hype & Scaremongering

10KBlaze & SAP Security: Serpenteq(Partner blog post of SERPENTEQ GmbH)
On April 19, 2019, at the OPCDE Cyber Security conference in Dubai, security researchers Dmitry Chastuhin and Mathieu Geli gave a presentation called “SAP gateway to Heaven”. They re-visited two configuration issues (related to SAP Gateway and SAP Message Server) that have been known for many years and for which detailed security guidelines have been available for years. Now the researchers applied some admirably creative thinking to combine them.

Continue reading