Joris van de Vis

Finding and exploiting CVE-2024-21737...

This article describes the finding and exploiting of SAP vulnerability CVE-2024-21737, including a solution to resolve it.


Anatomy of an SAP Vulnerability: Reducing the...

In our first article, we provided a detailed analysis of the SAP vulnerability CVE-2023-36922, shedding light on its security risk. As vulnerabilities with potential access on the OS layer (either via commands or direct file access) are not an isolated case, we provide guidance on reducing the overall risk, going beyond mere patching.


Anatomy of an SAP Vulnerability: Finding and Exploiting...

We provide a detailed analysis of the SAP vulnerability CVE-2023-36922, shedding light on its security risk and the common risks of all vulnerabilities with potential access on the OS layer (either via commands or direct file access).


SAP Vulnerability Management vs SAP Patch Management...

This article explores the differences between the 2 processes and how they can help bolster the security of SAP systems.


Complete Compromise of an SAP System...

This article highlights the importance of securing the 3 layers of an SAP system to prevent unauthorized access to critical business data.


Details about SAP vulnerability CVE-2022-22536 – Request...

In SAP’s patch round of February 2022, an SAP Security Note with a CVSS score of 10/10 was released, named “Request smuggling and request concatenation in SAP NetWeaver, SAP Content Server and SAP Web Dispatcher”. This particular type of vulnerability is not common in SAP systems and is therefore interesting to look at. As patching the SAP kernel executables is often not done promptly, we can expect this vulnerability to be present in customers’ systems for quite some time.


How to avoid huge and fluctuating SAP-SIEM...

For real-time SAP Threat Detection, it is quite common to monitor SAP systems from a Security Operations Centre (SOC) by using central SIEM solutions. However, traditionally, these SIEM solutions are not ‘SAP-aware’ and should be fed with SAP security-relevant data to get the most out of them and secure the entire organization. 


Time is of the essence when preventing...

This article outlines key SAP system vulnerabilities, emphasizing the importance of timely prevention and detection for mitigating attacks.


The Risk of Reverse Engineering SAP Security...

This article highlights the importance of SAP Patch Management in implementing monthly security patches promptly.


SAP Platform Security – The Last Line...

SAP Platform Security plays a critical role in the last line of defence, as strengthening the SAP application layer is important.


SecurityBridge Research Lab reported over 100 SAP...

This article highlights SecurityBridge Research Lab’s discovery of 100+ zero-day vulnerabilities in SAP software, enhancing SAP security.


Security Breaches Not Only Affect Large Organisations...

In this blog, we highlight the vulnerability of small and medium-sized businesses’ SAP systems to cyber-attacks.


Practical Exploitation of SAP Vulnerability CVE-2021-44231...

In this blog, we talk about the practical exploitation of SAP vulnerability CVE-2021-44231 and provide a solution to address it.


The SAP secure store: keys to the...

This article explores the risks associated with SAP default settings, focusing on the vulnerability of the secure store mechanism, decryption risks, and effective preventive measures.
