Layer Seven Security

Webinar: Threat Detection with SAP Solution Manager 7.2

How does Solution Manager perform threat detection for SAP systems? What type of events are detected? Which logs are monitored? Is this real-time or near-time monitoring?  Do you receive email and SMS notifications for alerts? How do you prevent alert flooding? How do you use guided procedures for alert handling and forensic investigations? Is it possible to customize workflows in guided procedures? How do you integrate SolMan alerts with SIEM platforms for event correlation? What are the differences between threat detection with SAP Solution Manager and SAP Enterprise Threat Detection?

Discover the answer to these and many more questions by joining Layer Seven’s webinar on March 30. Gain valuable insights that will empower you to unlock the potential of your SAP platforms from the global leaders in cybersecurity monitoring using SAP Solution Manager.



SAP Security Notes, January 2018

Note 2580634 provides instructions for removing a malicious file insertion vulnerability in the Process Control and Risk Management applications of SAP Governance, Risk and Compliance (GRC). The vulnerability could be exploited to upload malicious scripts or other forms of malware to SAP servers. The note includes manual instructions for implementing package GRFN_DOCUMENT_ WT_CHECK of the BAdI GRFN_DOCUMENT. This will activate a positive whitelist in table GRFNDOCUMENTWT to control permitted file extensions and mime types.

Note 2408073 provides updated instructions for the handling of digitally signed notes in the Note Assistant. Note 2518518 should be implemented before Note 2408073 to install new objects  required to support Notes with digital signatures. The Notes will update the Note Assistant tool to verify digital signatures using the SAPCAR utility. SAPCAR must version 7.20, patch level 2 or higher.  The Note Assistant tool will process ZIP files containing Notes downloaded from the SAP Support Portal and log the results of digital signature checks. Notes that fail the digital signature check will be logged in the Application Log (transaction SLG1) and read by the Notes Assistant using the authorization object S_APPL_LOG. For further information, refer to 2537133 – FAQ – Digitally Signed SAP Notes and the Digital Signature User Guide referenced in Note 2408073. Note 2507934 provides instructions for adjusting role SAP_BPO_CONFIG in SAP Solution Manager 7.2. The instructions restrict authorizations for table maintenance in the role to BPO-relevant tables belonging to the authorizataion groups SS, LMDB, PIMA, SA, IWAD, and SC.