Contact us today.

Subscribe me to your mailing list

Hardcoded Credentials vulnerability

SAP Security Notes June 2015 – Review

SAP has released the monthly critical patch update for June 2015. This patch update closes a lot of vulnerabilities in SAP products. The most common vulnerability is Missing Authorization Check. This month, three critical vulnerabilities found by ERPScan researchers Vahagn Vardanyan, Rustem Gazizov, and Diana Grigorieva were closed.
Read more..

SAP Passwords. Part 1: ABAP Secure Storage. How it works

This is the first entry in our blog series dedicated to passwords in SAP systems. We will discuss how different passwords are stored in systems, how they are protected and transmitted. It seems easy at first glance: passwords should be stored in a database. Of course this is true for regular users: their passwords are stored in databases as hashes. But it’s not that simple for the service users of SAP systems.
Read more..