On 8th of September 2020, SAP Security Patch Day saw the release of 10 new Security Notes. There were 6 updates to previously released Security Notes. We strongly recommend to carefully revisit the September release as critical vulnerabilities have been resolved.
My name is Christoph Nagy. I am founder and managing director of ABEX - NCMI GmbH. We develop strategic security solutions for our customers, enabling them to perform automated analysis of security settings and to detect and prevent cyber-attacks against SAP© in real-time.
HyperLogging introduces a new capability for SAP endpoints. Once enabled is collects all relevant data sources which are relevant for forensic analysis of incidents.
Despite the holiday season the SAP Security Response team remains very active as we see with the August patch day. On 11th of August 2020 15 new Security Notes have been released. There was 1 updated to the CVSS-10 vulnerability already released last month.
On July 29th 2020 a new release of SecurityBridge was made available for our subscribers. The release (version 4.75) includes new features and enhancements to the current security controls.
SAP systems belong to the companies’ critical infrastructures, no doubt. Yet, enterprises struggle with the timely implementation of patches. Within this article, we provide a deep-dive into the challenges that let you remember how patching SAP NetWeaver application works.
SAP Patch Day July 2020 shocked the customer community of SAP SE. Although everyone assumed that zero-days with a high-risk potential of exploitation exist, the recent Patch Day has delivered evidence. Read more to understand what you should do as the next best action to protect your enterprise.
We are rapidly approaching summer vacation. Despite the holiday season the SAP Security Response team remains very active also with this months patchday. Today, the 14th of July 2020, 7 new patches and 2 updates to existing patches have been released.
Gear up your SAP Logon process using 2 factor authentification. 2FA, typically demands two components to co-exist, in the same place, at the time of login. In practice, this typically means the end-user has a physical device such as a SmartCard, and a memorized PIN number.
Selecting a specialized solution for each security area, however, has some limitations. A holistic approach offers additional benefit that is required to gain insight into potential risks and to offer full transparency of the security posture.
Within this whitepaper you will learn about the key mistakes that can be avoided when it comes to SAP Security. History has shown that many companies have suffered from cyber incidents, moreover, not all incidents are reported or have been made available to the public.