Role adjustments for technical SAP users – how to handle authorizations safely and effectively.

SAST Blog: Role adjustments for technical SAP users – how to handle authorizations safely and effectively.Technical SAP users that have extensive authorizations like SAP_ALL pose a heightened security risk. Vulnerabilities can endanger interfaces and paralyze processes. As such, external auditors are intensifying their focus on authorization management. One of our customers – a company in the energy sector – recently faced the challenge of having to restrict the authorizations of its technical users (batch processing/RFC interfaces).

Continue reading

The importance of reliably monitoring transactions in SAP systems

SAST Blog: The importance of reliably monitoring transactions in SAP systemsSAP systems contain numerous transactions that enable applications to be accessed quickly. However, transactions can also be used to access sensitive business processes and confidential information. This is why events relevant to security have to be filtered out of a sea of data and placed in the proper context. This means that in order to evaluate and analyze conspicuous events, intelligent management is required. 

Continue reading

Adapting authorization management in a central hub SAP S/4HANA system – save valuable time with the right strategy and the right administration tool

SAST Blog: Adapting authorization management in a central hub SAP S/4HANA system When setting up an SAP S/4HANA system landscape, you have the option of establishing a front-end system as the central, superordinate system that accesses different back-end systems. To do this, you have to consider and logically design many factors in advance. In addition to the technical prerequisites, the role and authorization concepts have to be revised. But how can you adapt authorization management in an SAP S/4HANA system with little effort?

Continue reading

Vulnerability Scan, Audit, or Penetration Test: Find the right method for identifying vulnerabilities.

SAST Blog: Vulnerability Scan, Security Audit, or Penetration Test: Finding the Right Method for Identifying Vulnerabilities. There are many methods for assessing the risk potential of SAP landscapes and identifying potential vulnerabilities, so it isn’t always easy to keep track of all the alternatives. Options range from vulnerability scans to audits and penetration tests. But which approach is the right one for identifying vulnerabilities depends entirely on your individual requirements.

Continue reading

How to plan and carry out your SAP System Audit with SAST Risk and Compliance Management

SAST Blog: How to Plan and Carry Out Your SAP System Audit with SAST Risk and Compliance ManagementThe complexity of SAP systems often makes it difficult for administrators to keep track of all their facets. How can an SAP system audit be planned constructively, for example? The SAST SUITE gives you sophisticated analysis methods to identify vulnerabilities quickly, before they can be exploited. The SAST SUITE also offers a wide variety of functions for analyzing and increasing the security of your SAP systems.

Continue reading

Speed up development of framework and application authorization concepts for SAP ERP and S/4HANA

SAST Blog: Speed Up Development of Framework and Application Authorization Concepts for SAP ERP and S/4HANACompanies that use SAP are required to describe controls and procedures in documents that reflect the current status of the system and the general compliance guidelines. The concepts for framework and application authorizations are essential elements of this documentation, for both internal requirements and annual reviews by external auditors. Good documentation templates can help get you where you need to go much more quickly.

Continue reading

SAP home goes rogue – preventable attack vectors through the SAP GUI

SAST Blog: SAP Home Goes Rogue – Preventable Attack Vectors Through the SAP GUIIn most cases, enterprise networks are infected as a result of human error. Employees click on spoofed links, accidentally reveal their passwords to third parties, or open a file that contains unexpected malware. In attack vectors involving the SAP GUI, employees are often not to blame, because an incorrectly configured SAP system is enough to enable damage to the IT landscape.

Continue reading