In February 2017, SAP released Security Note 2413716 regarding configuration changes to secure Trusted RFC for GRC Access Control (AC) Emergency Access Management (EAM), which was a High Priority note. The EAM module provides SAP GRC AC with the ability to determine how access can be granted in case of an emergency, however, you must…

SAP HANA is being pushed by SAP as the absolute in-memory database for its products and more recently, as a standalone platform. The vast majority of companies who have already adopted it are leveraging its capabilities to support business-critical applications. Due to its nature, SAP HANA stores an organization’s most important assets, thus requiring large…

SAP HANA is being pushed by SAP as the absolute in-memory database for its products and more recently as a standalone platform. The vast majority of companies who have already adopted it are leveraging its capabilities to support business-critical applications. Due to its nature, SAP HANA stores an organization’s most important assets, thus requiring large…

When thinking of SAP security we tend to always think of SAP servers and pay little attention to the tools used by end-users that connect to most of our SAP Systems, as well as the way those tools are used. Outside the SAP security world it is well accepted that attackers are no longer targeting…

Every organization running SAP to support its business-critical processes has typically implemented several systems in complex scenarios. Depending on the sizeof the company, the number of SAP Systems, Instances and Products used can be quite large. All of these systems are interconnected and there are different components involved in regards to the connections such as…