November 25, 2015 / Press Release
Palo Alto, CA – November 25, 2015 Recently updated ERPScan Security Monitoring Suite for SAP now provides special templates to comply with the latest security guidelines from DSAG and ISACA.
September 17, 2015 / Blog
Last month, ISACA released the 4th edition of their book Security, Audit and Control Features SAP ERP. The previous version was published in 2009. Some updates include detailed security guides for assessing different SAP business processes. We had been waiting for ISACA’s updates since 2009, and now we would like to share some thoughts about this update.
SAP Security awareness is constantly increasing. First of all, at the BlackHat’s Pwnie Awards, on August 6, the vulnerability in SAP Compression algorithm won the first prize for the best Server-Side vulnerability. This is the second time SAP vulnerability is highlighted at the Pwnie awards. In 2013, the issue in SAP Router identified by ERPScan’s Researcher was also nominated for the best server-side vulnerability.
For the first time, let us try to speak only about defense. Thus, this article will be about different guidelines, which can help to secure your SAP system. But nothing to worry about – this post will nevertheless remain useful and interesting, even if it does not contain information about 0-days or have no words like “cyber” or “weapon” in title. So, let’s go.