Skip to content

VNSG Security & Controls 2022 – Event Review

The Dutch SAP user group (VNSG) hosted a great event on “Security and Controls” on June 16, 2022. The event took place in a beautiful location: the Railway museum in Utrecht and SecurityBridge was one of the sponsors and was present with a booth and a speaker slot together with our customer Achmea.

First, our Benelux team had a great time at this year’s VNSG event. After more than 2 years we were able to meet so many people again. The Dutch Railway museum was the perfect location adding to the great atmosphere of the event.

On our booth we presented the capabilities of the SecurityBridge platform to a live audience. Furthermore, our customer Achmea presented its road to security: what they have done since they have decided to purchase the SecurityBridge platform. This presentation also gave our CTO Ivan Mans a good opportunity to give a sneak preview of our new Violation Management module. Stay tuned for further updates on Violation Management.

We would like to thank the VNSG for organizing the event and Robert Wegh and Eric van Berkel from our customer Achmea for the great session.

Posted by

Till Pleyer
Download the White Paper “Bridging the Gap – How SecurityBridge Supports NIST CSF in SAP Environments”. Learn how choosing the right tool can significantly shorten the journey of NIST CSF adoption and improve the security posture of SAP environments.
hacking
In SAP’s patch round of February 2022, an SAP Security Note was released with a CVSS score of 10/10 named, “Request smuggling and request concatenation in SAP NetWeaver, SAP Content Server and SAP Web Dispatcher”. This particular type of vulnerability is not common in SAP systems and therefore interesting to look at. As patching the SAP kernel executables is often not done promptly, we can expect this vulnerability present in the customer’s systems for quite some time.
code pc
In one of our recent articles, we pointed out the use of Access Control Lists (ACLs) to better manage access control. Below, we will show a practical example of how this can be done for inbound HTTP communication with the ‘Internet Communication Manager’ (ICM) component of an SAP system.
SAP Security Patch Tuesday 2024
For February 2024, 13 new Security Notes have been released and 3 have been updated. Lets look at some highlights, starting with the ‘HowNews’ notes.