Skip to content

Cybersecurity Extension for SAP
Services
Success Stories
Resources
Contact Us

Layer Seven Security Blog

Stay up to date on the latest trends in SAP security, new threats and information on protecting your critical systems against an attack

EXECUTIVE SUMMARY

Leading the Conversation in SAP Cybersecurity

Our blog is the premier resource for CISOs and SAP security and Basis specialists seeking deep technical insights into the SAP threat landscape. Our research team provides expert analysis on emerging attack vectors targeting S/4HANA, SAP RISE, and SAP BTP, as well as practical guidance on meeting global compliance standards such as NIS2 and SOX. By translating complex vulnerability disclosures into actionable defense strategies, we empower the global SAP community to harden their mission-critical environments and implement proactive monitoring frameworks that bridge the gap between SAP teams and security operations.

Recent Articles & Threat Intel

Search

Search

SAP Security Notes December 2025: Analysis of Critical Patches

SAP’s December 2025 security update includes three “Hot News” notes that patch critical vulnerabilities. These address a code injection flaw in SAP Solution Manager (SolMan), a deserialization vulnerability in SAP jConnect, and multiple issues in Apache Tomcat within SAP Commerce Cloud. Organizations should prioritize applying these patches to mitigate the risk of exploitation. This advisory

What’s New in the Cybersecurity Extension for SAP Version 2.0?

Version 2.0 of the Cybersecurity Extension for SAP is now available, introducing major enhancements to protect business-critical SAP solutions. Key updates include support for SAP NetWeaver AS Java, powerful anomaly detection capabilities, over 400 new threat detection patterns, and updated compliance checks for the latest SAP security benchmarks. Executive Summary Layer Seven Security’s release of the Cybersecurity

SAP Security Alert: Critical Patches for November 2025

SAP’s November 2025 security update includes critical patches for code execution, code injection, and insecure deserialization vulnerabilities. Key systems affected are SAP SQL Anywhere, SAP Solution Manager, and SAP NetWeaver AS Java. Administrators should prioritize the application of these patches to mitigate significant security risks. The November 2025 SAP Security Notes address several severe vulnerabilities

How to Conduct Penetration Testing for SAP RISE & Cloud ERP

Penetration testing for SAP RISE and Cloud ERP requires formal coordination with SAP Enterprise Cloud Services (ECS). Customers cannot test independently and must submit a formal request through the SAP support portal at least six weeks in advance, defining the scope, timeline, and testing provider. This process ensures testing adheres to SAP’s Rules of Engagement.

SAP Security Notes October 2025: Critical Vulnerabilities and Patches

SAP’s October 2025 security update addresses several critical and high-risk vulnerabilities, including two “Hot News” notes for insecure deserialization in SAP NetWeaver AS Java. These patches are crucial for preventing arbitrary OS command execution and protecting system integrity across multiple SAP products. This advisory summarizes the most significant patches released in October 2025. Key fixes

How to Find Workarounds for SAP Security Notes When Patching Isn’t an Option

When you can’t apply an official SAP patch for a vulnerability, workarounds are essential for mitigating risk. You can often identify these workarounds by analyzing the SAP Security Note itself. Details in the Symptom, Solution, and CVSS sections reveal clues, such as impacted objects to disable or access vectors to block through network filtering and

SAP Security Notes September 2025: Critical CVSS 10.0 Flaw in NetWeaver AS Java

SAP’s September 2025 security update includes the critical Hot News note 3634501, which addresses a CVSS 10/10 insecure deserialization vulnerability in SAP NetWeaver AS Java. This flaw could allow an attacker to execute arbitrary OS commands, leading to a full compromise of the affected Java systems. The SAP Security Notes for September 2025 are headlined

Layer Seven Security’s Cybersecurity Extension Named Top SAP Solution for 2025

Layer Seven Security’s Cybersecurity Extension for SAP has been named the Top SAP Cybersecurity Solution for 2025 by the Cybersecurity Review. The solution was selected for its superior integrated coverage, exceptional customer support, and competitive licensing costs, distinguishing it from competitors like Onapsis, Security Bridge, and Pathlock. The international publication, with nearly 300,000 subscribers, conducted a detailed analysis

SAP Security Notes August 2025: Critical Code Injection Flaws Patched

SAP’s August 2025 security update addresses multiple critical vulnerabilities, including two code injection flaws in SAP S/4HANA with CVSS scores of 9.9. These vulnerabilities, patched by notes 3581961 and 3627998, could allow attackers to install backdoors, bypassing all authorization checks and leading to full system compromise. The August 2025 SAP Patch Day delivered fixes for

Layer Seven Security’s Cybersecurity Extension Named Top SAP Solution for 2025

Layer Seven Security’s Cybersecurity Extension for SAP has been named the Top SAP Cybersecurity Solution for 2025 by the Cybersecurity Review. The solution was selected for its superior integrated coverage, exceptional customer support, and competitive licensing costs, distinguishing it from competitors like Onapsis, Security Bridge, and Pathlock. The international publication, with nearly 300,000 subscribers, conducted a detailed analysis

SAP Security Notes, July 2025: Critical Patches for Deserialization and Code Injection

The July 2025 SAP Security Notes feature several “hot news” patches for critical insecure deserialization vulnerabilities in SAP NetWeaver AS Java components. The most severe issue is a 10.0 CVSS score vulnerability in SAP SRM, alongside a critical code injection flaw in S/4HANA and SCM that could allow for a full system takeover. SAP’s July

What’s New in the Cybersecurity Extension for SAP, Version 5.3

Version 5.3 of the Cybersecurity Extension for SAP (CES) is now available, delivering major enhancements for SAP vulnerability management and threat detection. This release introduces comprehensive monitoring for the SAP Cloud Connector, updates to key compliance frameworks including SAP RISE, and emergency patches for zero-day vulnerabilities like CVE-2025-31324. The latest release of the Cybersecurity Extension for SAP

Page1 Page2 Page3 Page4 Page5

Contact Us
Request a Demo
Our Company
Our Customers
Our Success Stories

Contact Us
Request a Demo
Our Company
Our Customers
Our Success Stories

Contact Us
Request a Demo
Our Company
Our Customers
Our Success Stories

Contact Us
Request a Demo
Our Company
Our Customers
Our Success Stories

Solutions

Cybersecurity Extension for SAP
Product Comparison

Cybersecurity Extension for SAP
Product Comparison

Cybersecurity Extension for SAP
Product Comparison

Cybersecurity Extension for SAP
Product Comparison

Services

SAP RISE Security Compliance
Cybersecurity Assessment
Code Vulnerability Assessments
Penetration Testing

SAP RISE Security Compliance
Cybersecurity Assessment
Code Vulnerability Assessments
Penetration Testing

SAP RISE Security Compliance
Cybersecurity Assessment
Code Vulnerability Assessments
Penetration Testing

SAP RISE Security Compliance
Cybersecurity Assessment
Code Vulnerability Assessments
Penetration Testing

Resources

Threat Reports & Advisories
Whitepapers
News

Threat Reports & Advisories
Whitepapers
News

Threat Reports & Advisories
Whitepapers
News

Threat Reports & Advisories
Whitepapers
News

Recent News

SAP Security Notes, May 2026

Mini Shai-Hulud: Malware Targeting the Software Supply Chain for SAP Development Tools

From SAP Logs to Security Intelligence: Integrating SAP with Splunk

SAP Security Notes, May 2026

Mini Shai-Hulud: Malware Targeting the Software Supply Chain for SAP Development Tools

From SAP Logs to Security Intelligence: Integrating SAP with Splunk

Browse Previous Content

Copyright © 2010-2026 Layer Seven Security Inc. All rights reserved.

Sitemap Privacy Policy

The Gartner Peer Insights Logo is a trademark and service mark of Gartner, Inc., and/or its affiliates, and is used herein with permission. All rights reserved. Gartner Peer Insights reviews constitute the subjective opinions of individual end users based on their own experiences and do not represent the views of Gartner or its affiliates.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Cybersecurity Extension for SAP
Services
Success Stories
Resources
Contact Us