State-Sponsored Cyber Attacks: An Increasing Threat to SAP Solutions
State-sponsored cyber attacks are an increasing threat to organizations amid rising geopolitical tensions. According to the 2025 State of Information Security Report, 88% of cybersecurity and information security leaders express concern over state-sponsored cyber attacks. The concerns are driven by recent dramatic increases in the volume of threat activity attributed to state sponsored threat actors. […]
What’s New in the Cybersecurity Extension for SAP, Version 5.3
The new release of the Cybersecurity Extension for SAP (CES) is in general availability and includes several important enhancements for SAP vulnerability management and threat detection. Version 5.3 includes patterns for detecting indicators of compromise in the SAP Cloud Connector. The Connector is an agent that links SAP BTP applications with on-premise SAP systems. As […]
SAP Vulnerability Actively Exploited by Ransomware Groups and Threat Actors
CVE-2025-31324 for the zero-day vulnerability in SAP NetWeaver was officially added to the Known Exploited Vulnerabilities (KEV) catalog by the United States Cybersecurity and Infrastructure Security Agency (CISA) on April 29. CVE-2025-42999 was also added to the KEV catalog on May 15. Both CVEs address critical vulnerabilities in the Visual Composer framework in SAP NetWeaver […]
SAP Zero Day Vulnerability CVE-2025-31324 / Security Note 3594142
On April 22, ReliaQuest released details of a zero-day vulnerability that the company discovered during investigations into customer incidents involving the upload and execution of malicious files in SAP NetWeaver Java systems. According to the findings of the investigation, threat actors were able to take full control of the target systems by exploiting a vulnerability […]
The 24-Month Rule for SAP Security Patching
Regular patching is critical for protecting SAP software against security vulnerabilities. Security weaknesses are discovered by SAP through internal testing and testing performed by external researchers. The latter disclose vulnerabilities directly to the SAP Product Security Response Team and through the official SAP bug bounty program. Once a vulnerability is identified or reported, it is […]
Proposed Changes to the Security Rule for HIPAA Compliance
The Health Insurance Portability and Accountability Act (HIPAA) is a federal law in the United States that establishes minimum standards for securing Protected Health Information (PHI) including electronic PHI (ePHI). It applies to all organizations that store, process or transmit PHI for U.S citizens. PHI includes specific personal and health identifiers such as names, email […]
Securing the SAP Cloud Connector
The SAP Cloud Connector is an agent that links SAP BTP applications with on-premise SAP systems. As a reverse proxy, it enables internal systems to connect securely with BTP services without exposing the systems to direct external access. Permitted connections between BTP resources and backend systems can be maintained directly in the Cloud Connector rather […]
The Most Critical SAP Security Notes of 2024
Security notes are released by SAP on the second Tuesday of every month to address vulnerabilities in SAP solutions. The vulnerabilities are discovered by external security researchers and reported as part of SAP’s disclosure program. They are also discovered directly by SAP through its’s ongoing research and testing. Security notes are scored by SAP using […]
Cybersecurity Extension for SAP, Version 5.2: Support for SAP BTP, Critical Access and SOD for SAP ECC, and More
The new release of the Cybersecurity Extension for SAP is scheduled for general availability in October and includes several important enhancements. Version 5.2 includes 40+ alerts for security related incidents in SAP BTP. This includes application changes, remote logins, role changes, role grants to users, and cloud transports. The alerts monitor events logged in the […]
Artificial Intelligence Exploits Vulnerabilities in Systems with a 87 percent Success Rate
Based on a newly-released paper published by researchers at the University of Illinois, AI agents can combine large language models with automation software to autonomously analyze and exploit security vulnerabilities. During the research, OpenAI’s GPT-4 large language model was able to successfully exploit 87 percent of vulnerabilities when provided with a CVE advisory describing the […]