Thank You!

Thank you for contacting Layer Seven Security. We will respond to your request in 1-2 business days.

Here are some recently published articles on securing your SAP systems.

Equifax Data Breach: Attackers Exploited an Unapplied Security Patch, not a Zero-Day Vulnerability

On September 15, Equifax released a statement to confirm that the initial attack vector that led to the compromise of personal information relating to 143 million consumers in the US, UK and Canada targeted an Apache Struts vulnerability within a web application that supports the organization’s online dispute portal. The patch for the vulnerability had been …

SAP Security Notes, August 2017

Note 2381071 patches a critical cross-site Ajax vulnerability in the Prototype JS library of BusinessObjects. Ajax is a method often used by JavaScripts to exchange data between servers and clients to update parts of web pages without refreshing or reloading entire pages.  This minimizes network bandwidth usage and also improves response times through rapid operations. …

Discover Vulnerable System Connections with Interface Monitoring

Interface Monitoring provides the answer to one of the most vexing questions in SAP security: where are our vulnerable cross-system connections and how do we monitor them to ensure they’re not abused by attackers? Although Interface Monitoring, also known as Interface Channel Monitoring or ICMon, has been available in SAP Solution Manager since version 7.10 …

SAP Security Notes, July 2017

Note 2442993 deals with a high-risk vulnerability in the Host Agent for SAP HANA. The Host Agent is automatically installed with every SAP instance on NetWeaver 7.02 and higher. The stand-alone component is used for controlling and monitoring SAP and non-SAP instances, databases and operating systems. Note 2442993 recommends upgrading to version 7.21 PL25 to …

Q&A: Cybersecurity Monitoring with SAP Solution Manager

How does Solution Manager detect threats and vulnerabilities in SAP systems? What specific applications in SolMan are used for vulnerability, patch and threat management? What are the requirements for using these areas? How long does it take to configure? What are the differences between monitoring using SolMan 7.1 and 7.2? What are the benefits of …

SAP Security Notes, June 2017

Note 2416119 was reissued in June with updated release information and solution instructions.  The note provides instructions for maintaining the property URLCheck ServerCertificate in Java Application Servers. The instructions are intended to mitigate the risk of man-in-the-middle attacks by securing client-server HTTPS connections. Certificates signed by Certificate Authorities should be maintained in client keystores to …

A First Look at Support Pack 5 of SAP Solution Manager 7.2

Released earlier this month, Support Pack 5 for SAP Solution Manager 7.2 delivers important enhancements in several key areas. This includes support for exporting and importing solution documentation between systems, improved SAP-delivered solution blueprints, and an enhanced graphical editor for mapping business processes. SP05 also introduces a new Fiori App for Quality Gate Management in …

SAP Security Notes, May 2017

Note 2380277 addresses a high priority memory corruption vulnerability in the GUI control component of the Internet Graphics Server (IGS). GUI control is a self-contained component of the presentation server in ABAP systems. The Note contains corrections for logical errors in memory management within the component. The errors could be exploited by attackers to extract …

Discover, Implement and Test Security Notes using SAP Solution Manager 7.2

The results of the recent Verizon DBIR revealed significant differences between industries in terms of vulnerability patching. Organizations in sectors such as information technology and manufacturing typically remove over 75% of vulnerabilities within 3 weeks of detection. At the other end of the spectrum, 75% or more of vulnerabilities discovered in financial and public sector …

SAP Security Notes, April 2017

Note 2419592 includes further corrections for a code injection vulnerability in TREX that was originally patched by SAP through Note 2234226 in February 2016. The vulnerability impacts the TREXNet protocol used for internal communications by TREX components and servers. TREXNet communication does not require any authentication. Therefore, the protocol can be abused to execute dangerous …

Get Hands-On with SAP Solution Manager 7.2 at SAPPHIRE NOW + ASUG 2017

Attending next month’s SAPPHIRE NOW and ASUG Annual Conference? Drop by booth #1280A for a live demonstration of security monitoring using SAP Solution Manager. Learn how to schedule Service Level Reports to automatically detect vulnerabilities in your SAP systems, enable Dashboards to monitor security KPIs, detect and apply security notes using System Recommendations, monitor system interfaces with Interface …

SAP Security Notes, March 2017

Note 2424173 deals with vulnerabilities in SAP HANA that were the subject of media attention in March. This includes coverage from the television news channel MSNBC. The vulnerabilities impact areas such as User Self Service Tools that support account-related tasks including password resets and self-registration through a web interface. The Note carries a CVSS of …

Security KPI Monitoring with SolMan Dashboards

SAP Fiori revolutionizes the user experience in Solution Manager 7.2. The dynamic tile-based layout replaces the work center approach in Solution Manager 7.1. In fact, since the Fiori launchpad provides direct and customizable access to applications, it virtually removes the role of work centers in Solution Manager.  Fiori and Fiori Apps are the first pillar …

SAP Security Notes, February 2017

Note 2410061 patches a dangerous Distributed Denial of Service (DDoS) vulnerability in the Data Orchestration Engine (DOE) Administration Portal. The DOE is used to access the SAP NetWeaver Mobile Administrator to manage and monitor mobile system landscapes. This includes connecting mobile clients, deploying agents and packages to mobile devices, managing single sign-on, and other tasks. …

Explore Service Level Reporting in SolMan 7.2

Service Level Reporting (SLR) in SAP Solution Manager performs regular checks against key performance indicators using information available from the EarlyWatch Alert (EWA), Business Warehouse (BW) and the Computer Center Management System (CCMS). The checks can be for single systems or systems grouped into solutions. Reports run automatically on a weekly or monthly schedule but …

SAP Security Notes, January 2017

Note 2407862 deals with a highly dangerous buffer overflow vulnerability in Sybase Software Asset Management (SySAM) that scores almost 10/10 using the Common Vulnerability Scoring System.  SySAM performs license management for products such as ASE, ESP, PowerDesigner and the Replication Server. The vulnerability arises from the Flexera Flexnet Publisher software bundled in SySAM. The third …

RFC Hacking: How to Hack an SAP System in 3 Minutes

RFC exploits are hardly new. In fact, some of the well-known exploits demonstrated below are addressed by SAP Notes dating back several years. However, the disturbing fact is that the measures required to harden SAP systems against such exploits are not universally applied. As a result, many installations continue to be vulnerable to relatively simple …

Introducing the New Dashboard Framework for SAP Solution Manager

Earlier this year, SAP announced the general availability of Focused Insights, an enhanced dashboard framework for SAP Solution Manager. The framework was previously only available to MaxAttention customers as part of MaxAttention Next Generation Add-On (MANGO) services but is now available for all SAP customers. The dashboards aggregate real-time and historical data collected by Solution …

Securing Your Business: Security at SAP

In an open letter addressed to SAP customers earlier this year, SAP CEO Bill McDermott acknowledges the “tremendous concern around information security” given the “relentless and multiplying” threat presented by increasingly sophisticated attackers. The letter introduces the SAP paper Securing Your Business that discusses security trends and outlines SAP’s response to cyber threats. According to …

SAP CSO Recommends Solution Manager for Security Monitoring

SAP Chief Security Officer, Justin Somaini, opened the first of a series of five webcasts from the Americas’ SAP Users’ Group (ASUG) on the topic of SAP security. The series is intended to present SAP’s response to the growing concern over cybersecurity by discussing: the IT threat landscape and SAP’s approach to strategic security; best practices to safeguard both …

Detecting SAP Cyber Attacks with SAP Solution Manager

Despite the $75 billion spent by organizations on security software in 2015, average times to detection for cyber attacks are an astounding 170 days (DBIR, 2016). Most attacks therefore go undetected for almost six months. An incident response strategy can address this gap by enabling organizations to proactively discover and contain security incidents that could …