Mini Shai-Hulud: Malware Targeting the Software Supply Chain for SAP Development Tools

On April 30, SAP released SAP Security Note 3747787 in response to the discovery of malicious code in npm packages connected to SAP development tools. The code is part of a malware campaign labelled Mini Shai-Hulud targeting the software supply chain for SAP cloud development. Shai-Hulud is a reference to the sandworms from the fictional […]

How to Deploy the Cybersecurity Extension for SAP on SAP Build Work Zone

Deploying the Cybersecurity Extension for SAP on SAP BTP involves a three-stage process that takes approximately 45 minutes. First, prepare the SAP BTP subaccount, ensuring the Cloud Connector, destinations, and entitlements are correctly configured. Next, use the Cloud Foundry CLI to deploy the provided .mtar file. Finally, configure SAP Build Work Zone by importing the […]

What Are the Key Security Risks in RISE with SAP? Findings from the 2025 Benchmark Report

The SAPinsider RISE with SAP 2025 benchmark report reveals a critical security gap: widespread customer non-compliance with the shared responsibility model. The most significant failure is not implementing SAP’s mandatory security hardening requirements, leaving cloud ERP systems vulnerable and exposing organizations to significant operational, legal, and reputational risk. The report, based on a survey of 122 […]

What’s New in the Cybersecurity Extension for SAP Version 2.0?

Version 2.0 of the Cybersecurity Extension for SAP is now available, introducing major enhancements to protect business-critical SAP solutions. Key updates include support for SAP NetWeaver AS Java, powerful anomaly detection capabilities, over 400 new threat detection patterns, and updated compliance checks for the latest SAP security benchmarks. Executive Summary: Layer Seven Security’s release of the Cybersecurity […]

How to Conduct Penetration Testing for SAP RISE & Cloud ERP

Penetration testing for SAP RISE and Cloud ERP requires formal coordination with SAP Enterprise Cloud Services (ECS). Customers cannot test independently and must submit a formal request through the SAP support portal at least six weeks in advance, defining the scope, timeline, and testing provider. This process ensures testing adheres to SAP’s Rules of Engagement. […]

How to Secure the SAP Cloud Connector: A 2025 Guide

Securing the SAP Cloud Connector involves a multi-layered approach, including network segmentation, robust user authentication, end-to-end encryption, diligent logging, and a strict patching schedule. Since the Connector is an internet-facing component with access to critical on-premise systems, hardening it is essential for protecting hybrid SAP landscapes from targeted attacks. The SAP Cloud Connector is a […]

Security Logging and Alerting for SAP BTP

SAP BTP is a cloud platform that is intended to decouple SAP customizations required by customers from underlying SAP solutions. As part of SAP’s drive for a clean core and to promote a modular architecture, BTP enables organizations to enhance and extend the capabilities of their SAP solutions by deploying custom code, integrations and other […]