Skip to content
Layer Seven Security Logo
  • Cybersecurity Extension for SAP
    • Product Information
    • Features
      • SAP RISE Security
      • S/4HANA Migration Security
      • Code Vulnerability Analysis for SAP
      • SIEM Integration for SAP
      • NIS2 Compliance for SAP
      • Virtual Patching for SAP
    • Buyers Guide
  • Services
    • SAP RISE Security Compliance
    • SAP Cybersecurity Assessment
    • SAP Penetration Testing
    • SAP Code Vulnerability Assessment
  • Success Stories
  • Resources
    • Case Studies
    • Whitepapers
    • News
    • Threat Reports & Advisories
  • Contact Us
Book a Demo
Book a Demo
Layer Seven Security Logo
Menu Icon

Layer Seven Security Blog

Stay up to date on the latest trends in SAP security, new threats and information on protecting your critical systems against an attack

EXECUTIVE SUMMARY

Leading the Conversation in SAP Cybersecurity

Our blog is the premier resource for CISOs and SAP security and Basis specialists seeking deep technical insights into the SAP threat landscape. Our research team provides expert analysis on emerging attack vectors targeting S/4HANA, SAP RISE, and SAP BTP, as well as practical guidance on meeting global compliance standards such as NIS2 and SOX. By translating complex vulnerability disclosures into actionable defense strategies, we empower the global SAP community to harden their mission-critical environments and implement proactive monitoring frameworks that bridge the gap between SAP teams and security operations.

Recent Articles & Threat Intel

Search

SAP Security Advisory: Summary of Critical Notes for February 2024

SAP’s February 2024 Security Patch Day addressed several critical and high-priority vulnerabilities across its product landscape, including a Hot News note for a code injection flaw. Key patches were released for SAP Application Basis (ABA), NetWeaver Application Server (AS) Java, SAP Cloud Connector, and SAP CRM. Administrators should prioritize the immediate application of these security

Read Article

What is the SAP Cybersecurity Buyers Guide from SAPinsider?

The SAP Cybersecurity Buyers Guide from SAPinsider is an independent, expert-led assessment designed to help organizations evaluate technology vendors and consultants for SAP security. It provides critical insights into the capabilities required to protect mission-critical SAP environments against modern threats like ransomware, unauthorized access, and data breaches. Executive Summary As SAP landscapes evolve toward cloud-based

Read Article

SAP Security Notes January 2024: Critical Vulnerabilities and Patches

The SAP Security Notes for January 2024 addressed several critical vulnerabilities, including two “Hot News” privilege escalation flaws in SAP Business Application Studio and Edge Integration Cell. A high-priority Denial of Service vulnerability in SAP NetWeaver’s ICM and a code injection flaw in the Application Interface Framework were also patched. This summary covers the key

Read Article

SAP Security Advisory: Critical Patches for December 2023

SAP’s December 2023 security update includes critical patches for an OS command injection vulnerability in SAP S/4HANA and ECC, and high-risk vulnerabilities in the SAP Business Technology Platform (BTP). Organizations should prioritize the review and application of these notes to mitigate significant security risks. This advisory summarizes the key vulnerabilities and the required actions for

Read Article

SAP Security Notes November 2023: Critical Business One Flaw and NetWeaver Patches

The SAP Security Notes for November 2023 featured a critical “Hot News” patch for a missing authentication vulnerability in SAP Business One, which registered a 9.6 CVSS score. Other key updates addressed a Cross-Site Request Forgery (CSRF) vulnerability in SAP Sybase and two separate information disclosure issues in SAP NetWeaver ABAP and Java servers. This

Read Article

Security with SAP RISE: A Guide to the Shared Responsibility Model

In the SAP RISE model, security is a shared partnership. SAP manages the security of the underlying cloud infrastructure, including the hyperscaler environment, network, servers, and databases. The customer retains full responsibility for securing the application and data layers, which includes managing custom code, user access, and threat monitoring. While SAP provides a secure foundation,

Read Article

SAP Security Notes: October 2023 Critical Updates

October 2023 SAP security updates addressed several critical and high-priority vulnerabilities, most notably a privilege escalation flaw in the SAP Common Cryptographic Library. Administrators are advised to update their systems, specifically applying Note 3340576, to secure impacted products including SAP NetWeaver, S/4HANA, and the SAP HANA Database. The October 2023 SAP security patch cycle targeted

Read Article

Maximize Your SAP Security Budget: How to Cut Costs Without Downgrading Cybersecurity

Organizations can maximize their SAP security budgets by shifting from costly third-party tools to native SAP Application Lifecycle Management (ALM) platforms. By eliminating redundant solutions, automating manual patching and compliance audits, tuning security alerts to reduce noise, and streamlining incident response, teams can improve their security posture while simultaneously lowering operational costs. Executive Summary Economic

Read Article

SAP Security Notes: September 2023 Vulnerability Summary

The September 2023 SAP Security Notes address critical and high-priority vulnerabilities affecting the SAP BusinessObjects Intelligence Platform (BOBJ) and the SAP Common Crypto Library. These patches remediate risks including code injection, information disclosure, cross-site scripting (XSS), and denial of service (DoS) attacks that could compromise system integrity. Executive Summary In September 2023, SAP released critical

Read Article

How to Protect SAP Systems Against Ransomware

SAP systems are not immune to ransomware and can be compromised through vulnerable operating systems, insecure protocols, and exploited trust relationships. In response to recent high-profile breaches at companies like MGM Resorts and Caesars Entertainment, Layer Seven Security has released an updated guide to help organizations prevent, detect, and recover from ransomware attacks within their

Read Article

SAP Security Notes: August 2023 Vulnerability Summary

The August 2023 SAP security updates address multiple critical vulnerabilities, most notably in SAP PowerDesigner, which faces a 9.8/10 CVSS-rated access control flaw. Other patches resolve issues in SAP Message Server, SAP BusinessObjects Business Intelligence (BOBJ), SAP SQL Anywhere, and SAP Commerce Cloud, requiring immediate attention to prevent unauthorized access and system compromise. Executive Summary

Read Article

New SEC Rules For Cybersecurity Incident and Risk Management Disclosures

The Securities and Exchange Commission (SEC) issued a final rule on July 26, 2023, requiring public companies to disclose material cybersecurity incidents on Form 8-K within four business days of discovery. Additionally, companies must provide annual disclosures in Form 10-K regarding their processes for identifying, assessing, and managing cybersecurity risks and governance. This regulatory update,

Read Article
« Page1 … Page4 Page5 Page6 Page7 Page8 … Page27 »
Layer Seven Security Logo
  • Contact Us
  • Request a Demo
  • Our Company
  • Our Customers
  • Our Success Stories
  • Contact Us
  • Request a Demo
  • Our Company
  • Our Customers
  • Our Success Stories
  • Contact Us
  • Request a Demo
  • Our Company
  • Our Customers
  • Our Success Stories
  • Contact Us
  • Request a Demo
  • Our Company
  • Our Customers
  • Our Success Stories
Solutions
  • Cybersecurity Extension for SAP
  • Product Comparison
  • Cybersecurity Extension for SAP
  • Product Comparison
  • Cybersecurity Extension for SAP
  • Product Comparison
  • Cybersecurity Extension for SAP
  • Product Comparison
Services
  • SAP RISE Security Compliance
  • Cybersecurity Assessment
  • Code Vulnerability Assessments
  • Penetration Testing
  • SAP RISE Security Compliance
  • Cybersecurity Assessment
  • Code Vulnerability Assessments
  • Penetration Testing
  • SAP RISE Security Compliance
  • Cybersecurity Assessment
  • Code Vulnerability Assessments
  • Penetration Testing
  • SAP RISE Security Compliance
  • Cybersecurity Assessment
  • Code Vulnerability Assessments
  • Penetration Testing
Resources
  • Threat Reports & Advisories
  • Whitepapers
  • News
  • Threat Reports & Advisories
  • Whitepapers
  • News
  • Threat Reports & Advisories
  • Whitepapers
  • News
  • Threat Reports & Advisories
  • Whitepapers
  • News
Recent News

SAP Security Notes, July 2026

Security Logging for SAP BTP

SAP Security Notes, June 2026

SAP Security Notes, July 2026

Security Logging for SAP BTP

SAP Security Notes, June 2026

Browse Previous Content
Copyright © 2010-2026 Layer Seven Security Inc. All rights reserved.

Sitemap    Privacy Policy

The Gartner Peer Insights Logo is a trademark and service mark of Gartner, Inc., and/or its affiliates, and is used herein with permission. All rights reserved. Gartner Peer Insights reviews constitute the subjective opinions of individual end users based on their own experiences and do not represent the views of Gartner or its affiliates.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Layer Seven Security Logo
  • Cybersecurity Extension for SAP
    • Product Information
    • Features
      • SAP RISE Security
      • S/4HANA Migration Security
      • Code Vulnerability Analysis for SAP
      • SIEM Integration for SAP
      • NIS2 Compliance for SAP
      • Virtual Patching for SAP
    • Buyers Guide
  • Services
    • SAP RISE Security Compliance
    • SAP Cybersecurity Assessment
    • SAP Penetration Testing
    • SAP Code Vulnerability Assessment
  • Success Stories
  • Resources
    • Case Studies
    • Whitepapers
    • News
    • Threat Reports & Advisories
  • Contact Us