Skip to content

Cybersecurity Extension for SAP
Services
Success Stories
Resources
Contact Us

Layer Seven Security Blog

Stay up to date on the latest trends in SAP security, new threats and information on protecting your critical systems against an attack

EXECUTIVE SUMMARY

Leading the Conversation in SAP Cybersecurity

Our blog is the premier resource for CISOs and SAP security and Basis specialists seeking deep technical insights into the SAP threat landscape. Our research team provides expert analysis on emerging attack vectors targeting S/4HANA, SAP RISE, and SAP BTP, as well as practical guidance on meeting global compliance standards such as NIS2 and SOX. By translating complex vulnerability disclosures into actionable defense strategies, we empower the global SAP community to harden their mission-critical environments and implement proactive monitoring frameworks that bridge the gap between SAP teams and security operations.

Recent Articles & Threat Intel

Search

Search

SAP Security Notes, April 2026

Hot news note 3719353 patches a critical SQL injection vulnerability in SAP Business Planning and Consolidation and SAP Business Warehouse. The vulnerability arises from insufficient authorization checks for user uploads in a specific ABAP program. The fix included in the note deactivates executable code within the ABAP program, preventing any execution pathway. With the code

Now on SAP BTP: Access the Cybersecurity Extension for SAP on SAP Build Work Zone

The Cybersecurity Extension for SAP provides an SAP Fiori user experience that is usually deployed using the embedded Fiori model. The embedded model combines backend and frontend components in the same system. The model reduces landscape complexity, removes external communication for service calls, and can improve response times and stability. From an operations perspective, the

Layer Seven Security Achieves CyberSecure Certification

Layer Seven Security has successfully achieved certification under the CyberSecure Canada program, reinforcing the company’s commitment to maintaining a strong cybersecurity posture and applying recognized baseline security controls across its operations. For customers that rely on SAP systems to support business-critical processes, the certification provides independent validation that Layer Seven Security operates within a structured

SAP Security Notes, March 2026

Hot news note 3698553 patches a critical command injection vulnerability in Apache Log4j bundled in SAP Quotation Management Insurance. The package assembly for the FS-QUO-scheduler module of the application should be updated to a secure version. As a workaround, the Java archive file log4j-1.2.17.jar. can be deleted in the {FS-QUO-scheduler}/lib directory. Hot news note 3714585

State-Sponsored Cyber Attacks: An Increasing Threat to SAP Solutions

State-sponsored cyber attacks are an increasing threat to organizations amid rising geopolitical tensions. According to the 2025 State of Information Security Report, 88% of cybersecurity and information security leaders express concern over state-sponsored cyber attacks. The concerns are driven by recent dramatic increases in the volume of threat activity attributed to state sponsored threat actors.

SAP Security Notes, February 2026

Hot news note 3697099 patches a critical code injection vulnerability in SAP S/4HANA and SAP CRM. The vulnerability can be exploited by attackers to execute arbitrary SQL statements by calling function modules using the Scripting Editor. As a workaround, the Scripting Editor can be disabled by deactivating the service CRM_IC_ISE ICF in the sap/bc/bsp/sap service

Digital Operational Resilience Act (DORA) Compliance for SAP Solutions

The Digital Operational Resilience Act (DORA) is a regulation that mandates standards for cybersecurity and operational resilience in the financial sector within the European Union (EU). It provides standards for governing risks in Information and Communications Technology (ICT) to ensure banks, insurers, investment firms, and other financial institutions are able to deliver critical services by effectively

SAP Security Notes, January 2026

Hot news note 3687749 patches a critical SQL injection vulnerability that can be exploited to read, modify, and delete data used in the Financials component of SAP S/4HANA. The solution in the note prevents the injection of user-controlled input in SQL queries using input validation to remove the vulnerability. A workaround is also detailed in

Key Security Findings from the RISE with SAP 2025 Benchmark Report

SAPinsider’s RISE with SAP 2025 benchmark report, co-sponsored by Layer Seven Security, was released in December. Based on a survey of 122 SAPinsider community members conducted between August and November 2025, the study focuses on customer adoption of SAP Cloud ERP Private (formerly referenced in the survey as RISE with SAP) and the factors shaping

SAP Security Notes, December 2025

Hot news note 3685270 patches a code injection vulnerability in SAP Solution Manager (CVE-2025-42880). The vulnerability impacts all support pack levels for Solution Manager 7.2 (SolMan). The patch introduces input validation to secure the relevant vulnerable remote-enabled function module. Customers should consider migrating application monitoring and lifecycle management functions to SAP Cloud ALM and decommission

What’s New in the Cybersecurity Extension for SAP Version 2.0

Building upon the successful release of the initial version of the NetWeaver Edition of the Cybersecurity Extension for SAP earlier this year, Layer Seven Security is pleased to announce the upcoming availability of version 2.0. The new release includes important enhancements including support for SAP NetWeaver AS Java, anomaly detection to identify unusual or suspicious

SAP Security Notes, November 2025

Hot news note 3666261 patches a critical code execution vulnerability in SAP SQL Anywhere. The correction removes the SQL Anywhere Monitor. The note recommends switching to the SQL Anywhere Cockpit for database administration. Hot news note 3668705 addresses a code injection vulnerability in SAP Solution Manager arising from missing input validation for a vulnerable remote-enabled

Page1 Page2 Page3 Page4 Page5

Contact Us
Request a Demo
Our Company
Our Customers
Our Success Stories

Contact Us
Request a Demo
Our Company
Our Customers
Our Success Stories

Contact Us
Request a Demo
Our Company
Our Customers
Our Success Stories

Contact Us
Request a Demo
Our Company
Our Customers
Our Success Stories

Solutions

Cybersecurity Extension for SAP
Product Comparison

Cybersecurity Extension for SAP
Product Comparison

Cybersecurity Extension for SAP
Product Comparison

Cybersecurity Extension for SAP
Product Comparison

Services

SAP RISE Security Compliance
Cybersecurity Assessment
Code Vulnerability Assessments
Penetration Testing

SAP RISE Security Compliance
Cybersecurity Assessment
Code Vulnerability Assessments
Penetration Testing

SAP RISE Security Compliance
Cybersecurity Assessment
Code Vulnerability Assessments
Penetration Testing

SAP RISE Security Compliance
Cybersecurity Assessment
Code Vulnerability Assessments
Penetration Testing

Resources

Threat Reports & Advisories
Whitepapers
News

Threat Reports & Advisories
Whitepapers
News

Threat Reports & Advisories
Whitepapers
News

Threat Reports & Advisories
Whitepapers
News

Recent News

SAP Security Notes, April 2026

Now on SAP BTP: Access the Cybersecurity Extension for SAP on SAP Build Work Zone

Layer Seven Security Achieves CyberSecure Certification

SAP Security Notes, April 2026

Now on SAP BTP: Access the Cybersecurity Extension for SAP on SAP Build Work Zone

Layer Seven Security Achieves CyberSecure Certification

Browse Previous Content

Copyright © 2010-2026 Layer Seven Security Inc. All rights reserved.

Sitemap Privacy Policy

The Gartner Peer Insights Logo is a trademark and service mark of Gartner, Inc., and/or its affiliates, and is used herein with permission. All rights reserved. Gartner Peer Insights reviews constitute the subjective opinions of individual end users based on their own experiences and do not represent the views of Gartner or its affiliates.

Cybersecurity Extension for SAP
Services
Success Stories
Resources
Contact Us