Layer Seven Security Blog
Stay up to date on the latest trends in SAP security, new threats and information on protecting your critical systems against an attack
Securing Administrative Access in SAP AS Java
The misuse of administrative privileges is a common method used by attackers to compromise applications and propagate attacks to connected systems. The elevated privileges granted to administrative accounts are a prized target for attackers and provide a fast path to accessing or modifying sensitive data, programs and system settings. User privileges for Java applications are …
SAP Security Notes, March 2019
Note 2764283 addresses an XML External Entity vulnerability in SAP HANA extended application services (XS), advanced. HANA XS does not sufficiently validate an XML document accepted from an authenticated developer with privileges to the SAP space. Successful exploitation of the vulnerability could lead to the leading of arbitrary files in SAP servers or denial of …
Code Vulnerability Management with SAP Solution Manager
Custom Code Management (CCM) in SAP Solution Manager can enable you to take control of custom developments by providing transparency into custom objects in your SAP systems and analyzing the usage of custom code. It can also provide insights into security vulnerabilities in custom objects and packages. CCM provides an overview of the custom developments …
SAP Security Notes, February 2019
Hot News Note 2742027 patches a critical broken authentication check in SAP HANA Extended Application Services, advanced model. The vulnerability could lead to unauthorized administrative access and the exfiltration, modification or deletion of sensitive data in HANA XS. The vulnerability carries a CVSS score of 9.4/10. It ranks relatively low in terms of attack complexity …
Cyber Espionage Warning: 30% Growth in Targeted Attacks
The findings of the annual Internet Security Threat Report indicate that the number of organizations targeted by advanced hacking groups increased by almost one third between 2015 and 2018. The groups have not only substantially increased their cyber-espionage operations, they are also deploying increasingly sophisticated tactics against a growing number of sectors. National hacking groups such …
SAP Security Notes, January 2019
Hot News Note 2696233 deals with multiple vulnerabilities in the SAP Cloud Connector. The Connector is an agent that connects on premise systems with applications operating on the SAP Cloud Platform. The agent supports HTTP, RFC, JDBC/ODBC and other connections between on-premise and cloud installations using reverse invoke without requiring inbound ports to be opened …
Database Security with the Cybersecurity Extension for SAP
Protecting SAP systems against cyber threats requires integrated measures applied not just within the SAP layer but across the technology stack including network, operating system, and database components. As repositories of business-critical and sensitive information, databases warrant specific attention for hardening and monitoring efforts. This includes identifying and addressing configuration weaknesses, excessive privileges, and weak …
SAP Security Notes, December 2018
Hot News Note 2711425 patches a critical Cross-Site Scripting (XSS) vulnerability in SAP Hybris Commerce storefronts. The vulnerability could be exploited by attackers to modify web content and compromise user-related authentication data. It affects versions 6.2 through 6.7 and 18.08 of SAP Hybris Commerce, including all but the latest patch releases. The vulnerability carries a …
Layer Seven Security Recognized as an SAP Cybersecurity Leader
Layer Seven Security has been named as the leading SAP cybersecurity provider in the 2018 Top 10 SAP Solution Providers. According to the source of the study, Layer Seven Security provide a “unique and innovative approach to securing business-critical SAP systems against cyber threats”. The study recognizes Layer Seven as an “innovative force in the …
Webinar Recording: Security Analytics with SAP Web Intelligence
Watch the webinar replay to learn how to visualize security risks in your SAP systems using interactive reports in SAP Web Intelligence. Powered by the BusinessObjects platform, Web Intelligence connects directly to data sources in SAP Solution Manager to convey system vulnerabilities, missing security notes and open alerts using dynamic charts and graphs and detailed …
SAP Security Notes, November 2018
Hot News Note 2622660 includes critical security updates for web browser controls delivered with SAP Business Client. The Client provides a unified environment for SAP applications including Fiori, SAP GUI, and Web Dynpro. It supports browser controls from Internet Explorer (IE) and Chrome for displaying HTML content. Security corrections for the WebBrowser control of the …
Webinar: Security Analytics with SAP Web Intelligence
Thu, Dec 13, 2018 11:00 AM – 12:00 PM EST Learn how to visualize security risks in your SAP systems using interactive reports in SAP Web Intelligence. Powered by the BusinessObjects platform, Web Intelligence connects directly to data sources in SAP Solution Manager to convey system vulnerabilities, missing security notes and open alerts using dynamic …
Secure, Patch & Respond: Security Analytics with SAP Web Intelligence
SAP Web Intelligence enables users to visualize and manage security risks in SAP systems using interactive reports delivered through an intuitive web interface. Powered by the BusinessObjects platform, Web Intelligence connects directly to data sources in SAP Solution Manager to convey system vulnerabilities, missing security notes and open alerts using dynamic charts and graphs and …
SAP Security Notes, October 2018
Hot News note 2654905 patches a high risk information disclosure vulnerability in the SAP BusinessObjects BI Suite. The execution of specific CMS queries on the Central Management Server could bypass authorization checks and lead to the leakage of sensitive data. The vulnerability scores 9.8/ 10 based on the Common Vulnerability Scoring System v3 (CVSS). Patches …
Coming Soon: Security Reporting with SAP Web Intelligence
SAP Web Intelligence (WebI) provides a platform for self-service reporting that enables users to analyze and visualize data from SAP systems using an intuitive, interactive and web-based interface. WebI supports BEx queries to connect to security-related data in Business Warehouse within Solution Manager. Users can create dynamic reports with embedded dashboards to monitor and manage …
How to Comply with the DHS Recommendations for Securing SAP Systems from Cyber Attacks
In response to the dramatic rise of cyber attacks targeting ERP applications, the United States Department of Homeland Security (DHS) issued a warning earlier this year that encouraged organizations to respond to the risks targeted at their business applications by implementing specific measures to secure, patch and monitor SAP systems. The measures included scanning for …
SAP Security Notes, September 2018
Note 2681207 patches a high-risk missing XML validation vulnerability in Extended Application Services (XS) in SAP HANA. The OData parser in HANA XS does not sufficiently validate XML input from users. This can lead to the processing of malicious code that could provoke a denial of service in the database server. The vulnerability can be …
SAP Security Notes, August 2018
There were several high priority Security Notes released in August for vulnerabilities impacting multiple Business Intelligence applications. Note 2569748 patches an XML External Entity vulnerability in Crystal Reports for Enterprise. Note 2614229 deals with a memory corruption vulnerability in the BOBJ platform that can be triggered by a buffer overflow. Note 2644154 provides corrections for …
SolMan-SIEM Integration for Advanced Threat Detection
SAP Solution Manager monitors real-time event information in SAP logs to automatically detect and trigger alerts for specific Indicators of Compromise (IOCs). This includes events written to the security audit log, system log, gateway server log, change document log, HTTP log, transaction log, SAProuter log, Java security log and the HANA audit log. Alerts are …
SAP Security Notes, July 2018
Notes 2017041 and 2016974 patch high-risk information disclosure vulnerabilities in SAP Environment, Health & Safety Management (EHSM). The vulnerabilities could be exploited to leak sensitive information stored or processed by the transactional Fiori apps Inspect Safety Controls and Retrieve Safety Information. The apps support the performance and tracking of safety control inspections. Note 2641674 provides …
DHS Issues Warning for Cyber Attacks Targeting SAP Applications
The United States Department of Homeland Security issued a warning this week for malicious cyber activity targeting ERP applications including SAP. The warning is based on the findings of a recent report issued by Digital Shadows. The report discusses the dramatic rise in cyber attacks on widely used ERP applications. The report echoes the findings of …
SAP Security Notes, June 2018
Hot News Note 2622660 includes critical security updates for web browser controls delivered with SAP Business Client. The Client provides a unified environment for SAP applications including Fiori, SAP GUI, and Web Dynpro. It supports browser controls from Internet Explorer (IE) and Chrome for displaying HTML content. Security corrections for the WebBrowser control of the …
U.S Treasury Sanctions ERPScan
Earlier this week, the United States Treasury issued an Executive Order to prohibit U.S organizations from engaging with ERPScan, a subsidiary of Digital Security and a provider of security software and services for SAP systems. According to a press release issued by the Treasury, Digital Security “provided material and technological support to Russia’s Federal Security …
Top Five Tips for System Recommendations
System Recommendations in SAP Solution Manager connects directly to SAP Support for real-time patch updates. It also connects to each system within SAP landscapes to monitor patch levels. SysRec downloads corrections for security vulnerabilities from SAP Support to each system and integrates with other areas in Solution Manager for change impact analysis, change management, and …