Skip to content

Blog

Key Insights Blog

Read the latest insights from our experts on Cybersecurity and Risk management for SAP. 

March 12, 2024
#patch, #sapsecurity
For March 2024, 10 new Security Notes have been released and 2 have been updated. Let's look at some highlights, starting with the 'HotNews' notes.
March 7, 2024
#sapsecurity
With the evolving success of AI, SAP customers want to understand more about the potential of AI to improve their SAP Security posture. However, some homework needs to be done to unleash the full potential of AI for protecting SAP environments. In the previous parts of this series of articles, we have already discussed two prerequisites for AI-driven SAP Security: system patching and hardening. In this article, we will look at vulnerabilities in the ABAP custom code.
March 6, 2024
#sapsecurity
SecurityBridge, a leading global provider of SAP security solutions, today announced the company has teamed up with Lonza to discuss methods for SAP cybersecurity protection at SAPinsider 2024, Las Vegas, March 18-21, 2024.
February 28, 2024
#sapsecurity, SAProuter
This article demostrates the underutilized security benefits of SAProuter's reverse invoke configuration through a test setup.
Category:
February 20, 2024
#sapsecurity
In SAP’s patch round of February 2022, an SAP Security Note was released with a CVSS score of 10/10 named, “Request smuggling and request concatenation in SAP NetWeaver, SAP Content Server and SAP Web Dispatcher”. This particular type of vulnerability is not common in SAP systems and therefore interesting to look at. As patching the SAP kernel executables is often not done promptly, we can expect this vulnerability present in the customer’s systems for quite some time.
February 15, 2024
#sapsecurity
In one of our recent articles, we pointed out the use of Access Control Lists (ACLs) to better manage access control. Below, we will show a practical example of how this can be done for inbound HTTP communication with the ‘Internet Communication Manager’ (ICM) component of an SAP system.
Category:
February 13, 2024
#sapsecurity
Leiter des Forschungslabors ist Joris Van De Vis, Director of Security Research bei SecurityBridge und Mitgründer des SAP-Sicherheits-Spezialisten Protect4S, der seit September 2013 zu SecurityBridge gehört
February 13, 2024
#patch, #sapsecurity
For February 2024, 13 new Security Notes have been released and 3 have been updated. Lets look at some highlights, starting with the ‘HowNews’ notes.
Find recent Security Advisories for SAP©

You like it?
Share it!

Webcast – Protect your SAP from Ransomware Attacks

We cordially invite you to participate in our webcast on April 10th at 14:30 CET. This exclusive event is a joint initiative of SecurityBridge in cooperation with BowBridge and Log2 and will allow you to listen to exciting insights from top-class experts.
Download the White Paper “Bridging the Gap – How SecurityBridge Supports NIST CSF in SAP Environments”. Learn how choosing the right tool can significantly shorten the journey of NIST CSF adoption and improve the security posture of SAP environments.
Download the White Paper “Bridging the Gap – How SecurityBridge Supports NIST CSF in SAP Environments”. Learn how choosing the right tool can significantly shorten the journey of NIST CSF adoption and improve the security posture of SAP environments.