Key Insights Blog
Read the latest insights from our experts on Cybersecurity and Risk management for SAP.
March 12, 2024
#patch, #sapsecurity
For March 2024, 10 new Security Notes have been released and 2 have been updated. Let's look at some highlights, starting with the 'HotNews' notes.
Category: SAP Security Patch Day
March 7, 2024
#sapsecurity
With the evolving success of AI, SAP customers want to understand more about the potential of AI to improve their SAP Security posture. However, some homework needs to be done to unleash the full potential of AI for protecting SAP environments. In the previous parts of this series of articles, we have already discussed two prerequisites for AI-driven SAP Security: system patching and hardening. In this article, we will look at vulnerabilities in the ABAP custom code.
Category: SAP Cybersecurity, SAP Vulnerability
March 6, 2024
#sapsecurity
SecurityBridge, a leading global provider of SAP security
solutions, today announced the company has teamed up with Lonza to discuss methods for SAP
cybersecurity protection at SAPinsider 2024, Las Vegas, March 18-21, 2024.
Category: Press coverage, Security News
February 28, 2024
#sapsecurity, SAProuter
This article demostrates the underutilized security benefits of SAProuter's reverse invoke configuration through a test setup.
Category: SAP Cybersecurity
February 20, 2024
#sapsecurity
In SAP’s patch round of February 2022, an SAP Security Note was released with a CVSS score of 10/10 named, “Request smuggling and request concatenation in SAP NetWeaver, SAP Content Server and SAP Web Dispatcher”. This particular type of vulnerability is not common in SAP systems and therefore interesting to look at. As patching the SAP kernel executables is often not done promptly, we can expect this vulnerability present in the customer’s systems for quite some time.
Category: SAP Cybersecurity, SAP Vulnerability
February 15, 2024
#sapsecurity
In one of our recent articles, we pointed out the use of Access Control Lists (ACLs) to better manage access control. Below, we will show a practical example of how this can be done for inbound HTTP communication with the ‘Internet Communication Manager’ (ICM) component of an SAP system.
Category: SAP Cybersecurity
February 13, 2024
#sapsecurity
Leiter des Forschungslabors ist Joris Van De Vis, Director of Security Research bei SecurityBridge und Mitgründer des SAP-Sicherheits-Spezialisten Protect4S, der seit September 2013 zu SecurityBridge gehört
Category: Press coverage, Security News
February 13, 2024
#patch, #sapsecurity
For February 2024, 13 new Security Notes have been released and 3 have been updated. Lets look at some highlights, starting with the ‘HowNews’ notes.
Category: SAP Security Patch Day
Find recent Security Advisories for SAP©
You like it?
Share it!
Webcast – Protect your SAP from Ransomware Attacks
We cordially invite you to participate in our webcast on April 10th at 14:30 CET. This exclusive event is a joint initiative of SecurityBridge in cooperation with BowBridge and Log2 and will allow you to listen to exciting insights from top-class experts.