#sapsecurity

Article on SAP security, best-practices and security advisories.

SAP Patchday

SAP Security Patch Day – September 2020

On 8th of September 2020, SAP Security Patch Day saw the release of 10 new Security Notes. There were 6 updates to previously released Security Notes. We strongly recommend to carefully revisit the September release as critical vulnerabilities have been resolved.

SAP Patchday

SAP Security Patch Day – August 2020

Despite the holiday season the SAP Security Response team remains very active as we see with the August patch day. On 11th of August 2020 15 new Security Notes have been released. There was 1 updated to the CVSS-10 vulnerability already released last month.

Security Operation Center

Why CISA strongly recommends monitoring SAP?

The Cybersecurity and Infrastructure Security Agency (CISA) strongly recommends organizations immediately apply patches, and in situations where patches cannot be applied, CISA recommends “closely monitoring your SAP NetWeaver AS for anomalous activity”.

The week after SAP RECON
[CVE-2020-6287]

SAP Patch Day July 2020 shocked the customer community of SAP SE. Although everyone assumed that zero-days with a high-risk potential of exploitation exist, the recent Patch Day has delivered evidence. Read more to understand what you should do as the next best action to protect your enterprise.

SAP Patchday

SAP Security Patch Day – July 2020

We are rapidly approaching summer vacation. Despite the holiday season the SAP Security Response team remains very active also with this months patchday. Today, the 14th of July 2020, 7 new patches and 2 updates to existing patches have been released.

2FA for SAP, and how to hack it

Gear up your SAP Logon process using 2 factor authentification. 2FA, typically demands two components to co-exist, in the same place, at the time of login. In practice, this typically means the end-user has a physical device such as a SmartCard, and a memorized PIN number.

SAP RFC Security Monitor

Get a grip on SAP Interface Security

Latest addition to the SecurityBridge suite is a fully integrated interface monitor, which visualizes RFC interface connectivity across your SAP landscape. Through a bird’s eye view security critical traffic and vulnerable interfaces can easily be spotted.

SAP Patchday

SAP Security Patch Day – June 2020

On the 9th of June 2020 the SAP Product Security Response Team released 18 patches out of which 1 contains an update from a previous release. Every second Tuesday of the month the team publishes corrections and recommendations, which fix known vulnerabilities discovered within SAP products.