Skip to content
  • Home /
  • <span class="vcard">Gert-Jan Koster</span>

SAP Security Patch Day – June 2024...

For June 2024, 10 new Security Notes have been released and 2 have been updated.

Read More

SAP Security Patch Day – May 2024...

For April 2024, 10 new Security Notes have been released and 2 have been updated. What stands out is that there are no ‘Hot News’ notes in this release. But let that not be a reason to ‘lower your guard’! We explore some interesting highlights below.

Read More

SAP Security Baseline 2.5 – Key Points...

On April 8, 2024, SAP released version 2.5 of the SAP Security baseline. In this article, we will delve into the updates and share some key findings.

Read More

SAP Security Patch Day – April 2024...

For April 2024, 10 new Security Notes have been released and 2 have been updated. What stands out is that there are no ‘Hot News’ notes in this release. But let that not be a reason to ‘lower your guard’! We explore some interesting highlights below.

Read More

The ‘Rapid Reset Attack’ – an SAP...

Recently, we have seen the release of several SAP Security notes that address the so-called ‘Rapid Reset Attack’ vulnerability. In this blog, we will zoom in on this vulnerability, look at how it affects SAP systems, and what counter measures can be taken.

Read More

SAP Security Patch Day – March 2024...

For March 2024, 10 new Security Notes have been released and 2 have been updated. Let’s look at some highlights, starting with the ‘HotNews’ notes.

Read More

Reverse Invoke for Added Security: SAProuter as...

This article demostrates the underutilized security benefits of SAProuter’s reverse invoke configuration through a test setup.

Read More

Hardening the ICM with ACLs – a...

In one of our recent articles, we pointed out the use of Access Control Lists (ACLs) to better manage access control. Below, we will show a practical example of how this can be done for inbound HTTP communication with the ‘Internet Communication Manager’ (ICM) component of an SAP system.

Read More

SAP Security Patch Day – February 2024...

For February 2024, 13 new Security Notes have been released and 3 have been updated. Lets look at some highlights, starting with the ‘HowNews’ notes.

Read More

Strengthening SAP Security with Access Control Lists...

In this blog, we will explore the significance of SAP ACLs, understand their importance in mitigating security risks, and compare them with network security measures like firewalls.

Read More

SAP Security Patch Day – January 2024...

For January 2024, 10 new Security Notes have been released and 2 have been updated. Lets look at some highlights, starting with the ‘HowNews’ notes which all have a CVSS score of 9.1 this month.

Read More

SAP Security Patch Day – December 2023...

On this last SAP Security Patch Day of 2023, another set of Security Patches has been released. Previous releases contained a relatively low number of patches, but this month, 17 notes have been released that are either new or have been updated.

Read More

Countering Data Breaches – An Urgent Call...

Earlier this year, IBM presented its 18th edition of ‘The Cost of a Data Breach Report’ (you can find it here). This publication provides detailed and valuable insights into various factors related to data breaches. It is based on research carried out at 553 impacted organizations – any IT security professional should check it out. In this article, we will highlight some of this report’s findings and bring them into the context of SAP security.

Read More

SAP Security Patch Day – November 2023...

SAP has released another set of Security Patches on this SAP Security Patch Day for November. Like last month, the number of patches is relatively low, with only 3 new Security Notes and 3 updates to notes that have been earlier released.

Read More

Reverse Invoke for Added Security: SAP Web...

In this blog, we highlight reverse invoke for added security by taking an SAP Web Dispatcher to SAP backend scenario as an example.

Read More