Is SAP ASE the Most Vulnerable Point in Your SAP Landscape?
SAP Adaptive Server Enterprise (ASE) is a widely-used relational database server for SAP solutions. As part of the drive to HANA, SAP is expected to withdraw support for third party databases including Oracle, IBM and Microsoft. Standard support for Oracle 19c, for example, will end in April 2024. Oracle 19c is the highest release of […]
Securing Microsoft Platforms with the Cybersecurity Extension for SAP
SAP systems consist of multiple integrated technological layers. SAP solutions comprise the application layer. The application layer is supported by database and operating system layers. The layers are closely integrated to form a software ecosystem linked through several connections including trust relationships that bond the layers to form an SAP system. The layers are more […]
Securing Oracle Databases for SAP
According to Gartner research, 70 percent of SAP customers have yet to migrate to S/4HANA. Based on current rates of adoption, SAP is unlikely to achieve its goal of migrating ECC customers to S/4HANA by 2027. As a result, the majority of SAP solutions continue to be driven by conventional databases. One of the most […]
SAP Discloses Critical Vulnerabilities in ASE Databases
SAP customers are urged to apply a series of recent patches released by SAP for the Adaptive Server Enterprise (ASE). SAP ASE, previously known as Sybase SQL Server and Sybase ASE, is a widely deployed database platform used for both SAP and non-SAP applications. According to SAP, ASE is used by over 30,000 customers worldwide, […]
Webinar: 10KBLAZE – Secure Your SAP Systems with CVA and SolMan
According to a recent report, thousands of SAP installations may be vulnerable to 10KBLAZE exploits targeting SAP applications. Join SAP and Layer Seven Security to learn how to secure your SAP systems against the exploits with SAP Code Vulnerability Analyzer (CVA) and SAP Solution Manager. CVA performs static code analysis to detect vulnerabilities in custom […]
Securing Administrative Access in SAP AS Java
The misuse of administrative privileges is a common method used by attackers to compromise applications and propagate attacks to connected systems. The elevated privileges granted to administrative accounts are a prized target for attackers and provide a fast path to accessing or modifying sensitive data, programs and system settings. User privileges for Java applications are […]
Secure, Patch & Respond: Security Analytics with SAP Web Intelligence
SAP Web Intelligence enables users to visualize and manage security risks in SAP systems using interactive reports delivered through an intuitive web interface. Powered by the BusinessObjects platform, Web Intelligence connects directly to data sources in SAP Solution Manager to convey system vulnerabilities, missing security notes and open alerts using dynamic charts and graphs and […]
Security in SAP HANA
SAP HANA is now deployed by over 7,500 organizations worldwide. While this represents only a fraction of the 300,000 companies that use SAP software globally, adoption is growing rapidly, doubling in 2015 alone. As expected, the introduction of SAP Business Suite 4 SAP HANA (S/4HANA) has accelerated this growth by widening the use-case for SAP […]
Are 95 percent of SAP systems really vulnerable to cyber attack?
Earlier this month, SAP issued a strongly-worded response to claims made by the software vendor Onapsis in a press release that over 95 percent of SAP systems assessed by Onapsis were exposed to vulnerabilities that could lead to the compromise of SAP systems. According to SAP, “The press release published by Onapsis is aimed at […]
Five Logs that Could Reveal a Data Breach in your SAP Systems
One of the most important discoveries uncovered by security researchers investigating the recent data breach at Anthem is that the original compromise may have occurred as early as April 2014, nine months before the breach was discovered by the organisation. The attack has led to the loss of personal information impacting over 80 million individuals. […]