Security Logging for SAP BTP
As adoption of SAP BTP grows, so does the need to maintain trust in the business processes that depend on the platform. As organizations increasingly rely on BTP to extend SAP functionality and support analytics, automation, integration, and AI-enabled innovation, it becomes essential to monitor security-relevant events across global accounts, subaccounts, connections, integrations, and application […]
Mini Shai-Hulud: Understanding the SAP Supply Chain Malware
Mini Shai-Hulud is a malware campaign that targeted the software supply chain for SAP cloud development by injecting malicious code into specific npm packages. Active for a few hours on April 29, 2026, the attack was designed to steal sensitive credentials, including GitHub tokens, npm tokens, and cloud credentials from developers using these tools. This […]
How to Deploy the Cybersecurity Extension for SAP on SAP Build Work Zone
Deploying the Cybersecurity Extension for SAP on SAP BTP involves a three-stage process that takes approximately 45 minutes. First, prepare the SAP BTP subaccount, ensuring the Cloud Connector, destinations, and entitlements are correctly configured. Next, use the Cloud Foundry CLI to deploy the provided .mtar file. Finally, configure SAP Build Work Zone by importing the […]
What Are the Key Security Risks in RISE with SAP? Findings from the 2025 Benchmark Report
The SAPinsider RISE with SAP 2025 benchmark report reveals a critical security gap: widespread customer non-compliance with the shared responsibility model. The most significant failure is not implementing SAP’s mandatory security hardening requirements, leaving cloud ERP systems vulnerable and exposing organizations to significant operational, legal, and and reputational risk. The report, based on a survey of 122 […]
What’s New in the Cybersecurity Extension for SAP Version 2.0?
Version 2.0 of the Cybersecurity Extension for SAP is now available, introducing major enhancements to protect business-critical SAP solutions. Key updates include support for SAP NetWeaver AS Java, powerful anomaly detection capabilities, over 400 new threat detection patterns, and updated compliance checks for the latest SAP security benchmarks. Executive Summary Layer Seven Security’s release of the Cybersecurity […]
How to Conduct Penetration Testing for SAP RISE & Cloud ERP
Penetration testing for SAP RISE and Cloud ERP requires formal coordination with SAP Enterprise Cloud Services (ECS). Customers cannot test independently and must submit a formal request through the SAP support portal at least six weeks in advance, defining the scope, timeline, and testing provider. This process ensures testing adheres to SAP’s Rules of Engagement. […]
How to Secure the SAP Cloud Connector: A 2025 Guide
Securing the SAP Cloud Connector involves a multi-layered approach, including network segmentation, robust user authentication, end-to-end encryption, diligent logging, and a strict patching schedule. Since the Connector is an internet-facing component with access to critical on-premise systems, hardening it is essential for protecting hybrid SAP landscapes from targeted attacks. The SAP Cloud Connector is a […]
How to Master Security Logging and Alerting for SAP BTP
Effective security for the SAP Business Technology Platform (BTP) requires robust logging and alerting. The primary methods involve using the central Audit Log, which can be integrated with external systems via the pull-based Audit Log Retrieval API, or using the push-based SAP Alert Notification Service for real-time event notifications. Both can be unified with SIEM […]