Thank You!

We have received your message. We will contact within 1-2 business days to schedule the demonstration.

Here are some recently published articles speaking to securing your SAP systems.

Prevent and Detect Ransomware Attacks with SAP Solution Manager

Posted on
Ransomware attacks accounted for one third of malware-based cyber attacks in the first quarter of 2020. Successful attacks encrypt and block access to files in compromised systems. Decryption keys for recovery of the files are typically only released after ransom demands are paid, usually in the form of untraceable cryptocurrencies. The impact of ransomware includes …
Read Article Prevent and Detect Ransomware Attacks with SAP Solution Manager

SAP Security Notes, July 2020

Posted on
Hot News Note 2934135 patches the critical RECON vulnerability in NetWeaver Application Server Java (AS Java). RECON targets a missing authentication flaw in the LM Configuration Wizard of AS Java to execute malicious code that creates administrative users in compromised systems. Attackers can exploit RECON to compromise not only AS Java systems but also connected …
Read Article SAP Security Notes, July 2020

RECON: Secure Your Systems with SAP Solution Manager

Posted on
US-CERT issued Alert AA20-195A on Monday for the so-called RECON (Remotely Exploitable Code On NetWeaver) vulnerability in SAP NetWeaver Application Server Java (AS Java). RECON impacts versions 7.3 and higher of AS Java including an estimated 40,000 SAP systems. Based on a BinaryEdge search, 4,000 of the impacted systems are internet-facing. The vulnerability is rated …
Read Article RECON: Secure Your Systems with SAP Solution Manager

SAP Security Notes, June 2020

Posted on
Hot News note 2928570 patches a critical remote code execution vulnerability in SAP Liquidity Management for Banking. The vulnerability impacts connections using the Apache JServ Protocol (AJP) in Apache Tomcat. AJP connections should be blocked if not required by disabling the AJP Connector. The connections can be exploited to read and process arbitrary files in …
Read Article SAP Security Notes, June 2020

Anomaly Detection with Cybersecurity Extension for SAP

Posted on
Threat detection is commonly performed through rules or signature-based pattern matching. Detection engines compare actual events with patterns of malicious events to discover indicators of compromise (IOCs).  IOCs discovered by detection engines typically trigger an alarm or alert for a suspected security breach. Pattern matching is a tried and tested method to identify known exploits …
Read Article Anomaly Detection with Cybersecurity Extension for SAP

SAP Security Notes, May 2020

Posted on
Hot News Note 2835979 patches a critical code injection vulnerability in Service Data Download. The vulnerability can be exploited by attackers to inject malicious code into the ST-PI plugin for NetWeaver Application Server ABAP (AS ABAP). This could lead to the complete compromise of ABAP servers.  The vulnerability carries a base CVSS score of 9.9/10 …
Read Article SAP Security Notes, May 2020

Visualize Security Risks for SAP Systems with Threat Maps

Posted on
Threat Maps in SAP Solution Manager visualize security vulnerabilities, missing patches and open alerts for SAP systems across geolocations. They provide a fast and intuitive way to display and interact with security information for SAP landscapes that span multiple cities, countries, or regions. System data is maintained in the Landscape Management Database (LMDB) of SAP …
Read Article Visualize Security Risks for SAP Systems with Threat Maps

SAP Security Notes, April 2020

Posted on
Hot news note 2863731 provides updated correction instructions for a critical deserialization vulnerability in the enterprise Business Objects platform. The Crystal Reports .Net SDK WebForm Viewer in Business Objects could enable attackers with basic authorization to execute deserialization attacks. This could be exploited to perform malicious code execution. Note 2904480 patches a significant input validation …
Read Article SAP Security Notes, April 2020

Automating SAP Audits with Solution Manager

Posted on
According to IDC, 80% of ERP applications are audited at least once every 12 months. Driven by regulatory requirements, audits can drain valuable resources from projects targeted at business growth. They can also lead to audit fatigue and undermine relationships between IT and audit stakeholders. Compliance Reporting in SAP Solution Manager enables organizations to automate …
Read Article Automating SAP Audits with Solution Manager

Layer Seven Security Recognized as Top 25 Cyber Security Company

Posted on
Layer Seven Security has been selected by a panel of experts and members of the CIO Applications editorial board for inclusion in the Top 25 Cyber Security Companies for 2020. The annual list is compiled by CIO Applications to recognize and promote organizations that provide cutting-edge cybersecurity solutions. CIO Applications is a Silicon Valley industry …
Read Article Layer Seven Security Recognized as Top 25 Cyber Security Company

SAP Security Notes, March 2020

Posted on
Hot News note 2845377 patches a missing authentication check in the Diagnostics Agent. The Agent is a component of the Solution Manager landscape. It commonly connects to the Java server in Solution Manager through the J2EE Message Server HTTP port. This is recommended by SAP. However, it can also connect to Solution Manager using a …
Read Article SAP Security Notes, March 2020

Security Forensics with SAP Solution Manager

Posted on
Security Forensics in SAP Solution Manager supports centralized log monitoring for SAP landscapes. The Fiori application from Layer Seven Security enables users to analyze incidents across multiple logs and systems directly from Solution Manager, helping organizations to detect and respond to security breaches. It also protects against anti-forensics.  Since event logs are replicated to a …
Read Article Security Forensics with SAP Solution Manager

SAP Security Notes, February 2020

Posted on
Note 2841053 patches a high risk Denial of Service (DOS) Vulnerability in the SAP Host Agent. Username/password-based authentication requests for the SAP Host Agent are delegated to operating systems or LDAP, Active Directory and other authentication platforms. Operating systems and authentication platforms often include mechanisms to limit parallel logon requests in order to protect against …
Read Article SAP Security Notes, February 2020

Webinar Playback: SIEM Integration for SAP

Posted on
Security Information and Event Management (SIEM) systems support centralized security monitoring across networks. They ingest and analyze data from hosts, routers, switches, firewalls and other components to identify and respond to security threats. SIEM systems can ingest data directly from SAP application logs. However, direct integration is complex and laborious. It also requires high maintenance …
Read Article Webinar Playback: SIEM Integration for SAP

Prevent Configuration Drift with SAP Solution Manager

Posted on
Maintaining system security in dynamic SAP environments is a constant challenge. New users are added every day. Permissions for existing users are constantly updated to keep up with changing requirements. Software updates, transports and other changes introduce new components or developments and often necessitate changes to system settings. With each change, even hardened systems can …
Read Article Prevent Configuration Drift with SAP Solution Manager

SAP Security Notes, January 2020

Posted on
Note 2822074 patches a missing authorization check in the Business Object Repository (BOR) of SAP NetWeaver Application Server ABAP. The note introduces the switchable authorization check objects S_BOR_RFC and S_BOR_PRX to supplement the generic S_RFC authorization. The new objects should be activated using transaction SACF to secure remote access to BOR. Note 2844646 is a …
Read Article SAP Security Notes, January 2020

Whitepaper: SIEM Integration for SAP

Posted on
Download the new whitepaper for SAP-SIEM integration from Layer Seven Security. The whitepaper outlines recommended settings for the Security Audit Log, HANA audit log, and other logs to support advanced threat detection. It discusses the challenges of direct integration of SAP logs with SIEM systems in terms of complexity, log volume, maintenance, and event correlation. …
Read Article Whitepaper: SIEM Integration for SAP

SAP Security Notes, December 2019

Posted on
Note 2871877 patches multiple high priority vulnerabilities in Maintenance, Repair, and Overhaul (MRO) Workbenches in SAP Enterprise Asset Management (EAM). This includes missing authorizations checks for authenticated users that could lead to an escalation of privileges, and directory traversal caused by insufficient path validation. The latter vulnerability could enable attackers to read, overwrite, delete, or …
Read Article SAP Security Notes, December 2019

Season’s Greetings

Posted on
2019 was a stellar year. In case you missed them, check out the enhancements we rolled out during the year >  CVA – SolMan Integration – Monitor vulnerabilities in your custom programs using SAP Code Vulnerability Analyzer and SAP Solution Manager >  Fiori Reports & Dashboards – Manage vulnerabilities and threats directly from the SAP Fiori …
Read Article Season’s Greetings

SAP Security Notes, November 2019

Posted on
Hot News Note 2839864 updates Note 2808158 for a high risk OS Command Injection vulnerability in the SAP Diagnostics Agent. The vulnerability exists within the OS Command Plugin of the Agent, accessible through transaction GPA_ADMIN and the OS Command Console. Note 2839864 provides a patch for the LM_SERVICE for Support Pack levels 6-9 of the …
Read Article SAP Security Notes, November 2019