Layer Seven Security Blog

Stay up to date on the latest trends in SAP security, new threats and information on protecting your critical systems against an attack

EXECUTIVE SUMMARY

Leading the Conversation in SAP Cybersecurity

Our blog is the premier resource for CISOs and SAP security and Basis specialists seeking deep technical insights into the SAP threat landscape. Our research team provides expert analysis on emerging attack vectors targeting S/4HANA, SAP RISE, and SAP BTP, as well as practical guidance on meeting global compliance standards such as NIS2 and SOX. By translating complex vulnerability disclosures into actionable defense strategies, we empower the global SAP community to harden their mission-critical environments and implement proactive monitoring frameworks that bridge the gap between SAP teams and security operations.

Recent Articles & Threat Intel

SAP Security Notes January 2025: Critical Vulnerabilities & Patches

SAP’s January 2025 security notes address several critical and high-risk vulnerabilities, most notably in SAP NetWeaver Application Server ABAP (AS ABAP). The release includes a critical 9.9 CVSS score patch for an authentication flaw that could allow credential theft and a separate high-risk patch for information disclosure due to a testing utility left in the

The Most Critical SAP Security Notes of 2024: A Complete Review

The most critical SAP security notes of 2024 addressed severe vulnerabilities, including two “hot news” notes with a 9.8 CVSS score. These critical patches fixed flaws like missing authentication in SAP BusinessObjects and code injection in SAP CX Commerce, which could lead to complete system compromise if left unpatched. In 2024, SAP released over 150

SAP Security in Review: Analyzing the December 2024 Patch Notes

SAP’s December 2024 security notes address several high-risk vulnerabilities, including a Hot News note for Adobe Document Services (ADS) in AS Java. This critical patch tackles multiple flaws, such as Server-Side Request Forgery (SSRF) and information disclosure, for which SAP has provided no workarounds, urging immediate updates. This month’s security advisory outlines critical and high-risk

Buyer’s Guide: SAP Enterprise Threat Detection Drawbacks & Alternatives

While SAP Enterprise Threat Detection (ETD) is SAP’s primary solution for identifying cyber attacks in its applications, it has significant drawbacks regarding infrastructure, pattern coverage, and overall security scope. These limitations make addon-based, full-suite alternatives a more efficient and comprehensive choice for many organizations. SAP ETD is a powerful tool for detecting threats in real-time

SAP Security Notes November 2024: Critical Vulnerabilities and Patches

SAP’s November 2024 Security Notes address several high-priority vulnerabilities. The most critical is a Cross-Site Scripting (XSS) flaw in the SAP Web Dispatcher that allows for full compromise. Other key patches fix privilege escalation issues in SAP PDCE and SAP Host Agent, and authorization problems in NetWeaver AS Java. This advisory summarizes the key vulnerabilities

What’s New in Cybersecurity Extension for SAP, Version 5.2?

Version 5.2 of the Cybersecurity Extension for SAP introduces significant enhancements, including comprehensive support for SAP Business Technology Platform (BTP), critical access and Segregation of Duties (SoD) monitoring for SAP ECC, and new alerts for emerging threats. This release expands real-time threat detection and compliance monitoring across modern and legacy SAP environments. The latest update provides robust

SAP Security Notes October 2024: Analysis of Critical BOBJ and High-Risk Patches

The October 2024 SAP Security Notes feature a critical update for a missing authentication check in SAP BusinessObjects (BOBJ) that can compromise SSO tickets. Other high-risk notes address a file upload vulnerability in BOBJ, open-source library issues in SAP Enterprise Project Connection, and information disclosure in NetWeaver. SAP’s October 2024 security update is led by

How to Master Security Logging and Alerting for SAP BTP

Effective security for the SAP Business Technology Platform (BTP) requires robust logging and alerting. The primary methods involve using the central Audit Log, which can be integrated with external systems via the pull-based Audit Log Retrieval API, or using the push-based SAP Alert Notification Service for real-time event notifications. Both can be unified with SIEM

SAP Security Notes September 2024: Key Vulnerabilities & Patches

SAP’s September 2024 security update addresses several key vulnerabilities, including a high-priority information disclosure flaw in SAP Commerce Cloud that could expose Personally Identifiable Information (PII). The patches also fix multiple Cross-Site Scripting (XSS) and authorization vulnerabilities across SAP NetWeaver, CRM, and Enterprise Portal, requiring immediate attention from administrators. This advisory summarizes the most significant

New Whitepaper: A Clear Path to NIS2 Compliance for SAP Solutions

A new whitepaper from Layer Seven Security provides a clear, actionable guide for achieving compliance with the EU’s NIS2 Directive for organizations running SAP. It details hardening standards, threat detection, and incident response mechanisms specifically for SAP environments, including guidance for SAP RISE, to meet the directive’s strict cybersecurity and reporting requirements. The European Union’s

SAP Security Notes August 2024: Critical Flaws in Build Apps and BOBJ

SAP’s August 2024 security advisories address several critical vulnerabilities, including a Server-Side Request Forgery (SSRF) in SAP Build Apps and a missing authentication check in SAP BusinessObjects Business Intelligence Platform (BOBJ). These high-priority patches require immediate attention to prevent potential system compromise and data leakage. The August 2024 SAP Patch Day released fixes for multiple

CrowdStrike Outage: Key Lessons for Securing SAP Solutions

The July 2024 worldwide systems outage, caused by a faulty update to CrowdStrike’s Falcon security platform, serves as a critical wake-up call for organizations running business-critical SAP solutions. The incident highlights the inherent risks of third-party security agents that operate at the kernel level, forcing a necessary re-evaluation of how to balance rapid threat response

Recent News

Key Takeaways of the DBIR 2026 for SAP Solutions

SAP Security Notes May 2026: Supply-Chain Attack and Critical Vulnerabilities Explained

Mini Shai-Hulud: Understanding the SAP Supply Chain Malware

Copyright © 2010-2026 Layer Seven Security Inc. All rights reserved.
