Close

HAVE QUESTIONS?

Contact us today.

Subscribe me to your mailing list

Author: Alexander Polyakov

SAP Security for CISO. Part 12: SAP Mobile Infrastructure Security

SAP, like any other large vendor, is evolving towards greater mobility and providing access to its applications from different devices located anywhere in the world. Therefore, its product portfolio includes solutions that allow mobile users to interact with business applications such as those based on ABAP, Java or HANA platforms. In this article, you will learn the most relevant explanatory notes about SAP Mobile Platform and SAP Afaria, their vulnerabilities and security trends.
Read more..

0-day SAP vulnerability published, here’s what you can do

The information about a 0-day SAP vulnerability was published on LinkedIn on October 28, 2016. A researcher disclosed details of the vulnerability in SAP system that he had identified and stated as 0-day. As it turns out, the vulnerability was already patched by SAP on 13th of September by SAP Note 2344524, so technically it’s not a 0-day vulnerability, but 0-day details of the vulnerability, so to speak. However, as it takes time to implement a patch, most of SAP users may be still susceptible to attack by this issue.
Read more..

SAP Cybersecurity Incidents. What lessons should be learned from them?

SAP security used to be a terra incognita with almost no real attacks on SAP systems known to the public. However, times have changed. Several weeks ago, after the US-CERT alert, almost all the media have published a sensational news concerning potential attacks on SAP systems of the largest companies worldwide.

The news was rather shocking and raised many questions, as it turned out that SAP systems can be hacked by attackers, and what is more, it was state-sponsored Chinese hackers who did so.

Although SAP Security incidents were known since 2012 and experts have been warning about them for the last 10 years, this news stirred up public opinion much more than the previous ones. Even though because of the news a lot of people started to take SAP Security seriously, the situation still requires some clarifications. So, let’s look at the most significant incidents related to SAP Cybersecurity that happened within the last 5 years.
Read more..