Skip to content

Cybersecurity Extension for SAP
Services
Success Stories
Resources
Contact Us

Layer Seven Security Blog

Stay up to date on the latest trends in SAP security, new threats and information on protecting your critical systems against an attack

EXECUTIVE SUMMARY

Leading the Conversation in SAP Cybersecurity

Our blog is the premier resource for CISOs and SAP security and Basis specialists seeking deep technical insights into the SAP threat landscape. Our research team provides expert analysis on emerging attack vectors targeting S/4HANA, SAP RISE, and SAP BTP, as well as practical guidance on meeting global compliance standards such as NIS2 and SOX. By translating complex vulnerability disclosures into actionable defense strategies, we empower the global SAP community to harden their mission-critical environments and implement proactive monitoring frameworks that bridge the gap between SAP teams and security operations.

Recent Articles & Threat Intel

Search

Search

SAP HANA: The Challenges of In-Memory Computing

This article is an extract from the forthcoming white paper entitled Security in SAP HANA by Layer Seven Security. The paper is scheduled for release in November 2013. Please follow this link to download the publication. According to research performed by the International Data Corporation (IDC), the volume of digital information in the world is

Layered Defenses in Oracle 12c: The New Benchmark for Database Security

Oracle databases support more than two thirds of SAP deployments in mid to large size enterprises. Oracle’s domination of the SAP database market is due to a widely regarded performance edge in areas such as compression, availability and scalability. Oracle databases are also optimized for SAP technology as a result of a long-standing partnership between

Organisations are not effectively addressing IT security and compliance risks according to accounting professionals

The results of the 2013 Top Technology Initiatives Survey revealed that securing IT environments against cyber attack and managing IT risks and compliance are rated as two of the three greatest challenges in technology by accounting professionals in North America. The survey was performed jointly by the AICPA and CPA, the largest accounting organisations in

Introducing the ABAP Test Cockpit: A New Level of ABAP Quality Assurance

The ABAP Test Cockpit (ATC) is SAP’s new framework for Quality Assurance. It performs static and unit tests for custom ABAP programs and introduces Quality-Gates (Q-Gates) for transport requests. ATC was unveiled at last year’s SAP TechEd. The entire session including a live demo can be viewed below. Following a successful pilot, it was released

A Dangerous Flaw in the SAP User Information System (SUIM)

Customers that have yet to implement Security Note 1844202 released by SAP on June 10 should do so immediately. The Note deals with a vulnerability that could be exploited to bypass monitoring controls designed to detect users with privileged access, including the SAP_ALL profile. This profile can be used to provide users with almost all

Lloyds 2013 Risk Index: Cyber Risk Rated as the Third Most Significant Risk by Board Executives

The recent wave of sophisticated and targeted data breaches has led global business leaders to recognize cyber risk as one of the most significant threats faced by corporations today. According to the Lloyds 2013 Risk Index released this week, “Cyber security now sits squarely towards the top of the agenda for boards around the world”.

Exploring the SAP DIAG Protocol

One of the most memorable events at last year’s BruCON in Belgium was Martin Gallo’s expose of the SAP DIAG protocol. The session can be viewed in its entirety below. DIAG (Dynamic Information and Action Gateway) is a proprietary protocol supporting client-server communication and links the presentation (SAP GUI) and application (NetWeaver) layer in SAP

Securing Your SAP Systems: How to Counter Every Current and Emerging Threat

One of the highlights of the Sapphire conference earlier this month was the insightful session on SAP security delivered by Gordon Muehl, Senior Vice President of Product Security at SAP. A recording of the session can be viewed below. The session highlighted the threat presented to Internet-enabled SAP systems by external agents and stressed the

Verizon Data Breach Investigations Report (DBIR) 2013: ‘This isn’t a threat you can afford to ignore’

The breadth and depth of the 2013 Verizon Data Breach Investigations Report (DBIR) is unprecedented. Released this Monday, the reports brings together the investigations performed by nineteen law enforcement agencies, research institutions and private security firms that combat data breaches including the European Cybercrime Centre (EC3), U.S Secret Service and the Department of Homeland Security.

Countering the Threat of Corporate Espionage

According to the results of a survey released by HBGary during the recent 2013 RSA Conference in San Francisco, more than 70 percent of American investors are interested in reviewing the cybersecurity practices of public companies and nearly 80 percent would not invest in companies with a history of cyberattacks. The survey of 405 U.S.

International Corporate Espionage: Annual Cost of Intellectual Property Theft Estimated at $250 Billion for U.S Economy

According to NSA Director General Keith Alexander, cyber-espionage has led to â€œthe greatest transfer of wealth in history.â€ This is supported by not only a recent report by Symantec, which places the cost of intellectual property theft in the United States at $250 billion a year, but a prominent report on cyber-espionage released by Mandiant

Lessons from the Top Ten Data Breaches of 2012: Defense-in-Depth for SAP Systems

According to the Privacy Rights Clearinghouse (PRC), there were 680 reported data breaches in 2012 covering all forms of commercial, governmental, educational, medical and non-profit organizations. The breaches are estimated to have compromised over 27M data records. The most significant breach occurred at VeriSign. Although the extent of the breach has never been disclosed

Page1 Page2 Page3 Page4 Page5

Contact Us
Request a Demo
Our Company
Our Customers
Our Success Stories

Contact Us
Request a Demo
Our Company
Our Customers
Our Success Stories

Contact Us
Request a Demo
Our Company
Our Customers
Our Success Stories

Contact Us
Request a Demo
Our Company
Our Customers
Our Success Stories

Solutions

Cybersecurity Extension for SAP
Product Comparison

Cybersecurity Extension for SAP
Product Comparison

Cybersecurity Extension for SAP
Product Comparison

Cybersecurity Extension for SAP
Product Comparison

Services

SAP RISE Security Compliance
Cybersecurity Assessment
Code Vulnerability Assessments
Penetration Testing

SAP RISE Security Compliance
Cybersecurity Assessment
Code Vulnerability Assessments
Penetration Testing

SAP RISE Security Compliance
Cybersecurity Assessment
Code Vulnerability Assessments
Penetration Testing

SAP RISE Security Compliance
Cybersecurity Assessment
Code Vulnerability Assessments
Penetration Testing

Resources

Threat Reports & Advisories
Whitepapers
News

Threat Reports & Advisories
Whitepapers
News

Threat Reports & Advisories
Whitepapers
News

Threat Reports & Advisories
Whitepapers
News

Recent News

SAP Security Notes, April 2026

Now on SAP BTP: Access the Cybersecurity Extension for SAP on SAP Build Work Zone

Layer Seven Security Achieves CyberSecure Certification

SAP Security Notes, April 2026

Now on SAP BTP: Access the Cybersecurity Extension for SAP on SAP Build Work Zone

Layer Seven Security Achieves CyberSecure Certification

Browse Previous Content

Copyright © 2010-2026 Layer Seven Security Inc. All rights reserved.

Sitemap Privacy Policy

The Gartner Peer Insights Logo is a trademark and service mark of Gartner, Inc., and/or its affiliates, and is used herein with permission. All rights reserved. Gartner Peer Insights reviews constitute the subjective opinions of individual end users based on their own experiences and do not represent the views of Gartner or its affiliates.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Cybersecurity Extension for SAP
Services
Success Stories
Resources
Contact Us