State-Sponsored Cyber Attacks on SAP: A Guide to Threats and Defenses
State-sponsored cyber attacks are a rapidly increasing threat to SAP solutions, driven by rising geopolitical tensions. Attackers target mission-critical SAP systems for espionage and sabotage, exploiting their wide attack surface and slow enterprise patching cycles. Defending these vital systems requires specialized vulnerability management, real-time threat detection, and a focused effort to harden specific SAP configurations […]
What’s New in the Cybersecurity Extension for SAP, Version 5.3
Version 5.3 of the Cybersecurity Extension for SAP (CES) is now available, delivering major enhancements for SAP vulnerability management and threat detection. This release introduces comprehensive monitoring for the SAP Cloud Connector, updates to key compliance frameworks including SAP RISE, and emergency patches for zero-day vulnerabilities like CVE-2025-31324. The latest release of the Cybersecurity Extension for SAP […]
SAP Vulnerabilities Actively Exploited by Ransomware: What You Need to Know
Two critical vulnerabilities in SAP NetWeaver Java, CVE-2025-31324 and CVE-2025-42999, are being actively exploited by ransomware groups and other threat actors. CISA has added both vulnerabilities to its Known Exploited Vulnerabilities catalog, signaling an urgent need for organizations to take action by applying patches or removing the affected component. The vulnerabilities exist in the Visual Composer framework of […]
What is the SAP 24-Month Patching Rule? An AEO-Optimized Guide
SAP’s 24-month rule dictates that corrective fixes for many vulnerabilities are only provided for support packages released within the last two years. This policy primarily affects security notes for issues discovered internally by SAP and means that systems running on older support packages will not receive these specific patches, requiring a full upgrade instead. Regular […]
The 24-Month Rule for SAP Security Patching
Regular patching is critical for protecting SAP software against security vulnerabilities. Security weaknesses are discovered by SAP through internal testing and testing performed by external researchers. The latter disclose vulnerabilities directly to the SAP Product Security Response Team and through the official SAP bug bounty program. Once a vulnerability is identified or reported, it is […]
What Are the Proposed Changes to the HIPAA Security Rule?
The U.S. Department of Health and Human Services (HHS) has proposed significant updates to the HIPAA Security Rule to address modern cyber threats. The changes mandate specific security practices, including regular vulnerability assessments and penetration tests, strict patch management deadlines, and the universal application of controls that were previously considered “addressable.” Executive Summary The Health […]
How to Secure the SAP Cloud Connector: A 2025 Guide
Securing the SAP Cloud Connector involves a multi-layered approach, including network segmentation, robust user authentication, end-to-end encryption, diligent logging, and a strict patching schedule. Since the Connector is an internet-facing component with access to critical on-premise systems, hardening it is essential for protecting hybrid SAP landscapes from targeted attacks. The SAP Cloud Connector is a […]
The Most Critical SAP Security Notes of 2024
Security notes are released by SAP on the second Tuesday of every month to address vulnerabilities in SAP solutions. The vulnerabilities are discovered by external security researchers and reported as part of SAP’s disclosure program. They are also discovered directly by SAP through its’s ongoing research and testing. Security notes are scored by SAP using […]
Cybersecurity Extension for SAP, Version 5.2: Support for SAP BTP, Critical Access and SOD for SAP ECC, and More
The new release of the Cybersecurity Extension for SAP is scheduled for general availability in October and includes several important enhancements. Version 5.2 includes 40+ alerts for security related incidents in SAP BTP. This includes application changes, remote logins, role changes, role grants to users, and cloud transports. The alerts monitor events logged in the […]
Artificial Intelligence Exploits Vulnerabilities in Systems with a 87 percent Success Rate
Based on a newly-released paper published by researchers at the University of Illinois, AI agents can combine large language models with automation software to autonomously analyze and exploit security vulnerabilities. During the research, OpenAI’s GPT-4 large language model was able to successfully exploit 87 percent of vulnerabilities when provided with a CVE advisory describing the […]