Close

Have questions?

Contact us today.

Subscribe me to your mailing list

XML eXternal Entity vulnerability

SAP Security Notes August 2015 – Review

SAP has released the monthly critical patch update for August 2015. This patch update closes 22 vulnerabilities in SAP products, 15 have high priority, some of them belong to the SAP HANA security area. The most popular vulnerability is Cross Site Scripting (XSS). This month, three critical vulnerabilities found by ERPScan researchers Dmitry Chastukhin, Vahagn Vardanyan, Roman Bezhan were closed.

Read more..

SAP Security Notes June 2015 – Review

SAP has released the monthly critical patch update for June 2015. This patch update closes a lot of vulnerabilities in SAP products. The most common vulnerability is Missing Authorization Check. This month, three critical vulnerabilities found by ERPScan researchers Vahagn Vardanyan, Rustem Gazizov, and Diana Grigorieva were closed.
Read more..

SAP Security Notes May 2015 – Review

SAP has released the monthly critical patch update for May 2015. This patch update closes a lot of vulnerabilities in SAP products, some of them belong to the SAP HANA security area. This month, three critical vulnerabilities found by ERPScan researchers Dmitry Chastukhin and Vahagn Vardanyan were closed.
Read more..

SAP Mobile Platform Security: Introduction

Mobile devices are actively integrated into business processes. Companies have more and more business applications and mobile devices. Employees increasingly bring their own equipment to the workplace (BYOD policy – Bring Your Own Device) and gain access to critical corporate information.

SAP Mobile Platform (or SMP, formerly called Sybase Unwired Platform, or SUP) is an MEAP (Mobile Enterprise Application Platform) solution. SMP is used for monitoring and controlling applications which are installed on mobile phones and have access to business data. The main goal of SMP is providing business data to mobile devices with enterprise cybersecurity. Platform capabilities allow users to work with data from SAP business applications using mobile applications both online and offline. This data can be accessed through all modern mobile devices. Android, Blackberry, iPhone / iPad and Windows / Windows Mobile devices are used by end users. Installed client applications are connected to SMP. These programs can be found on Play Market, Apple Store, or Windows Store.

Read more..

SAP Security Notes February 2015

SAP has released the monthly critical patch update for February 2015. This month, four critical vulnerabilities found by ERPScan researchers Dmitry Chastukhin, Dmitry Evdokimov, George Nosenko, and Vahagn Vardanyan were closed.
Read more..