Search
Publications

Volume V: Our Crown Jewels Online – Attacks targeting SAP Web Applications

Download

While the comment, SAP platforms are only accessible internally, was true in many organizations more than a decade ago, today, driven by modern business requirements for interconnectivity, SAP systems are very often connected to the Internet. This scenario dramatically increases the universe of possible attackers, as malicious attackers can remotely try to compromise the organization’s SAP platform.

SAP provides different Web technologies, such as the Enterprise Portal, the Internet Communication Manager (ICM) and the Internet Transaction Server (ITS), which may be prone to specific security risks.

This issue analyzes possible attack vectors to SAP Web components and the mitigation measures that need to be taken in order to prevent them. This information will enable organizations to better protect their business-critical infrastructure against cyber-attacks performed over Web scenarios.

Back to Publications
Further Reading
Publications
Volume XVII: Remote Function Call: The Whole Picture
The aim of this publication is to fully introduce and explain the concept of Remote Function Call (RFC) and the impact on...
Read More
Publications
Volume XVI: SAP®️ Security In-Depth: Switchable Authorization Checks: New Workbench and Scenarios
Switchable Authorization Checks is a solution provided by SAP that allows developers to deliver authorization changes in...
Read More
Publications
Volume XV: SAP® Security In-Depth: Preventing Cyberattacks Against SAP Solution Manager
Highlighted in a recent IDC survey of 430 IT decision makers, 64% of organizations have experienced a breach of their ERP...
Read More

©2024 Onapsis | All rights reserved

?>