Security Patch Alert From US Department of Homeland Security
When you build a data center you look for a location in a safe but accessible area. You don’t typically choose locations next to chemical plants, high crime areas and you don’t advertise with your...
View ArticleGenerated Analytic Privileges from BW Analysis Authorizations
Hi Experts, I need some information. We are using BW on HANA in our landscape. In BW, DSOs are being used as info provider. While activating DSOs, our developers select the check box "External SAP...
View ArticleClik here to view.
SAP Security Audit Logs: Which event types should I enable? There are 90 of...
When activating SAP security logs, the audit event types which must be activated are a topic of much discussion. Often the security/audit teams want to have all event types enabled and BASIS teams are...
View ArticleJoin the Upcoming DSAG Webinars of the Working Group “Identity Management &...
Don’t miss the upcoming DSAG webinars about single sign-on, identity management, and other security-related topics. SAP’s security experts from Product Management and Development will be presenting the...
View ArticleWhere to find the transction related other Transctions
Hi i am using transaction code st03 every user using last three months t-codes collected,and create one singel role and add transaction codes and authorizationa is full and genrate profile and...
View ArticleClik here to view.
Introduction to Semantic Events and Attributes
Messages from the multiple log sources that feed into SAP Enterprise Threat Detection are normalized, so that you can search across logs. This blog is the first in a series that explains the normalized...
View ArticleClik here to view.
SAP Enterprise Threat Detection integrated into Hewlett Packard Enterprise...
Hewlett Packard Enterprise (HPE) ArcSight is widely deployed by a lot of customers and is used in Security Operations Centers (SOC). Numerous connectors exist to collect events from networking devices,...
View ArticleSAP Password Policy in NW ABAP for group of users?
Hi Is it possible to setup a policy for SAP passwords in NW ABAP system, which is specific to a group of users. For example, 100 users might have password expiry after 90 days but rest of users in...
View ArticleCreate PFCG role for maintaining the context authorization objects.
Hello Experts, I am a CRM developer and I am facing a requirement to implement the structural authorizations.I have created an authorization profile in table T77PR and then assigned my user to it in...
View ArticleCreating users in Active Directory through LDAP connector
Hello,If we need to create users in Active directory using LDAP connector, what are the options for the following: 1) Update back into SAP from AD. LDAP connector updates only in one direction i.e from...
View ArticleMissing authorization and CRM-ECC role issue
Hello Experts, I have two queries related to Security:1) I have a scenario where under SU53 screen shot, under S_Develop Auth Obj., I can find 5 fields as(Missing Authorization)ACTVT : 03DEVCLASS:...
View ArticleMissing authorization and CRM-ECC role issue
Hello Experts, I have two queries related to Security:1) I have a scenario where under SU53 screen shot, under S_Develop Auth Obj., I can find 5 fields as (Missing Authorization)ACTVT : 03DEVCLASS:...
View ArticleABAP error with SNC: User ID is mandatory if neither user nor user alias is...
Hello there, I am executing RFC via SNC with SSO from Java to ABAP. With JCo 3.0.9, I see error messages like this: Error calling RFC "foobaz". The following ABAP error occurred when reading...
View ArticleTrying to make the SSLv3 and TLS protocols coexist
I have a customer who wants to remove their vulnerability to (among other things) POODLE by getting rid of SSLv3 for communicating with external vendors via their PI system, by restricting traffic to...
View ArticleHow can i activate TLS 1.1+ on SAP AS JAVA 7.31 client-side?
I only know sap note"510007 - Setting up SSL on Application Server ABAP". If i apply the informations of this note to AS JAVA, "The built-in defaults for the client-side enables only SSLv3 + TLSv1.0...
View ArticleSOD check without GRC
Hi Guys, We dont have a GRC system in place. Can someone advise how to address SOD while designing Security roles? Thanks
View ArticleClik here to view.
Featured Content in Security
Join our new Customer Engagement Initiative: Identity and Access Provisioning for Cloud ApplicationsIf your company is extending business processes with SAP cloud offerings and if you are interested in...
View ArticleClik here to view.
Introduction to Semantic Events and Attributes
Messages from the multiple log sources that feed into SAP Enterprise Threat Detection are normalized, so that you can search across logs. This blog is the first in a series that explains the normalized...
View ArticleClik here to view.
SAP Enterprise Threat Detection integrated into Hewlett Packard Enterprise...
Hewlett Packard Enterprise (HPE) ArcSight is widely deployed by a lot of customers and is used in Security Operations Centers (SOC). Numerous connectors exist to collect events from networking devices,...
View ArticleSAP Security Assessment Research and Development
Hi All, I am writing a SAP Self Security Assessment Framework. This will be released publicly for SAP security community to use. The framework will be a step-by-step guide for security assessment. It...
View Article