It is beyond debate that processes, and data hosted in SAP are one of a company’s most valuable assets. Organizations cannot afford (avoidable) outages caused by miss communication or a lack of coordination amongst project teams. In reality, challenges do occur frequently, and conflicts get…
You are the CISO of a global brand and your network has been compromised. Your most valuable assets are in SAP and you have no idea if your systems have been infiltrated. Now what? Which SAP doors were opened and are the systems compromised? This…
The fact you started reading this blog probably means that you have an interest in SAP security, and I'm pretty sure you're well aware of the potential threats to SAP systems . All too often we see SAP security vendors and service providers using scaremongering…
The human element within the organization is probably the most neglected element in the organizational cyber defense strategy." Exactly this topic we covered at GRC 2018, held in Prague.   Download the used session material.  
SAP security is a great challenge and will be a challenge for many years to come. In order to thoroughly secure an SAP application, all of its components (i.e. SAP HANA) and potential threats need to be understood. SAP security is multi-layered, its building blocks…
At Cyber Security for SAP customers Las Vegas (2017) and Prague (2018) I touched upon the point of identity theft. Especially when one has legitimate access to one single box within a large SAP enterprise landscape it may not be a major challenge for a…
In this article, we would like to explain what known-unknowns or unknown-unknowns are and how those affect your SAP security risk. In February 2002 already, the former United States Secretary of Defense, Donald Rumsfeld, answered a question with the following statement:    Reports that say…
Rock climbers know, any missed step while preparing for the next climb can mean the difference between to live or to die. This equation also applies to security. In this blog article, we like to give you one example of how to use the Action…