10KBlaze and SAP Security II: Hype & Scaremongering

10KBlaze & SAP Security: Serpenteq(Partner blog post of SERPENTEQ GmbH)
On April 19, 2019, at the OPCDE Cyber Security conference in Dubai, security researchers Dmitry Chastuhin and Mathieu Geli gave a presentation called “SAP gateway to Heaven”. They re-visited two configuration issues (related to SAP Gateway and SAP Message Server) that have been known for many years and for which detailed security guidelines have been available for years. Now the researchers applied some admirably creative thinking to combine them.

Continue reading

One step at a time: How to secure and harden your SAP Gateway

SAST SUITE: INTERFACE MANAGEMENTThe Gateway is a central communication component of an SAP system. As such, it is an attractive target for hacker attacks – and should receive corresponding protections. If the Gateway protections fall short, hacking it becomes child’s play. Despite this, system interfaces are often left out when securing IT systems. Should a cyberattack occur, this will give the perpetrators direct access to your sensitive SAP systems.

Continue reading