Thank You!

Thank you for contacting Layer Seven Security. We will respond to your request in 1-2 business days.

Here are some recently published articles speaking to securing your SAP systems.

SAP Security Notes – August 2016

Posted on
Note 2319506 addresses a blind SQL injection vulnerability in Database Monitors for Oracle. The vulnerability impacts all versions of SAP Basis and rates extremely high on the impact scale using the common vulnerability scoring system. Content-based and time-based blind SQL injection is used by attackers to determine when input is interpreted as a SQL statement. …
Read Article SAP Security Notes – August 2016

Three Reasons You Should Budget for SAP Breach Costs

Posted on
The average cost of a data breach has now surpassed $4 million. This is according to the latest study from the Ponemon Institute issued earlier this month. The study surveyed 383 organizations in 12 countries. It revealed that not only are data breach costs increasingly across the board, the probability that organizations will suffer a breach …
Read Article Three Reasons You Should Budget for SAP Breach Costs

Security in SAP HANA

Posted on
SAP HANA is now deployed by over 7,500 organizations worldwide. While this represents only a fraction of the 300,000 companies that use SAP software globally, adoption is growing rapidly, doubling in 2015 alone. As expected, the introduction of SAP Business Suite 4 SAP HANA (S/4HANA) has accelerated this growth by widening the use-case for SAP …
Read Article Security in SAP HANA

US-CERT Issues Alert for SAP Invoker Servlet Vulnerability

Posted on
US-CERT published an alert yesterday to warn SAP customers of the dangers posed by the invoker servlet vulnerability in AS Java systems. According to the alert, there is evidence to suggest that SAP systems at 36 organizations have been exploited by the vulnerability. The organizations are based in the United States, United Kingdom, Germany, China, …
Read Article US-CERT Issues Alert for SAP Invoker Servlet Vulnerability

How to Visualize Cyber Security Risks in Your Systems with SAP Lumira

Posted on
SAP Lumira can be used to access, visualize and explore data of any size from virtually any source. It enables users to build and share powerful interactive data visualizations using a simple user-friendly interface. Since Lumira can acquire data and enable users to create customized reports through self-service, it removes the need for programming, scripting …
Read Article How to Visualize Cyber Security Risks in Your Systems with SAP Lumira

How to Block RFC Callback Attacks in Your SAP Systems

Posted on
Callback attacks exploit weaknesses in RFC security to execute function modules in calling systems. The impact of such attacks can be severe, ranging from the creation of dialog users with system-wide privileges to modifying or extracting sensitive data. This can occur if client systems execute malicious code within the function modules of connected systems. In …
Read Article How to Block RFC Callback Attacks in Your SAP Systems

Survey Reveals 65 percent of SAP Platforms Were Breached Between 2014-15

Posted on
Earlier this week, the Ponemon Institute released the results of the most comprehensive study performed to date on the state of SAP cybersecurity. The Institute is widely known for the annual Cost of Data Breach report that trends average data breach costs across major countries. However, it also performs a variety of other studies related …
Read Article Survey Reveals 65 percent of SAP Platforms Were Breached Between 2014-15

Cybersecurity Targets in China’s New Five Year Plan

Posted on
The details of China’s latest five year plan covering the period between 2016-2020 are expected to be released next month but early indications suggest it will focus upon reducing China’s reliance on foreign technology. Intelligence agencies and security researchers contend there is a strong correlation between industries targeted for growth by China and industries that suffer data …
Read Article Cybersecurity Targets in China’s New Five Year Plan

What’s New in the SAP Cybersecurity Framework 3.0

Posted on
Released earlier this month, the third version of the SAP Cybersecurity Framework includes important changes in the areas of transport layer security, logging and monitoring, and vulnerability management. It also discusses the most significant hack against SAP systems to date: the devastating data breach suffered by U.S Investigation Services (USIS). USIS performed background checks on …
Read Article What’s New in the SAP Cybersecurity Framework 3.0

Season’s Greetings

Posted on
As we near the end of the year, we would like to express our gratitude to the customers, partners and supporters that have contributed to another record year at Layer Seven Security. We look forward to relentlessly serving your cybersecurity needs in 2016 by securing your SAP assets and enabling you to maximize the value of …
Read Article Season’s Greetings

Are your System Users Vulnerable to SAP Hacks?

Posted on
One of the most telling statistics revealed at BlackHat USA earlier this year was the fact that 84 percent of InfoSec professionals regard unmanaged privileged credentials as the biggest cyber security vulnerability within their organizations. For SAP environments, the dangers posed by abusing user accounts with privileged access are well-known and can include shutting down SAP …
Read Article Are your System Users Vulnerable to SAP Hacks?

Monitoring SAP Security Metrics with SolMan Dashboards

Posted on
SAP Solution Manager (SolMan) includes a complete dashboard framework for visualizing data metrics and KPIs across a wide variety of areas. This includes areas such as availability, performance, service delivery, and crucially, system security. What’s more, the process for enabling and customizing dashboards is relatively quick and simple. This short guide walks through the steps to …
Read Article Monitoring SAP Security Metrics with SolMan Dashboards

How to Discover Missing Security Notes for Your SAP Systems using ConVal

Posted on
Earlier this month, the New York Stock Exchange released a definitive guide to cybersecurity targeted at directors and officers of public companies. Developed with Palo Alto Networks, the guide includes contributions from over thirty-five industry experts and contends with a wide range of questions including legal and regulatory issues, cyber insurance, supplier risks, and incident …
Read Article How to Discover Missing Security Notes for Your SAP Systems using ConVal

Featured in SAPinsider: Unlocking the Cyber Security Toolkit in SAP Solution Manager

Posted on
How to Implement Advanced Security Monitoring Without Third-Party Software The fear and anxiety driven by the wave of cyber attacks in recent years has led many companies to bolster their security programs. It’s also led to a stream of software solutions from third-party developers offering to solve customers’ cyber security challenges. You may have heard the sales spin, watched the …
Read Article Featured in SAPinsider: Unlocking the Cyber Security Toolkit in SAP Solution Manager

How to Protect Sensitive Data in Your SAP Systems with Read Access Logging

Posted on
The need to monitor access to classified data in SAP systems has never been greater. End users are increasingly working with SAP data from outside the borders of corporate networks. Corporate information is also increasingly under threat from cyber criminals, hacktivists, cyber spies and terrorists that seek to exploit classified information for financial gain or …
Read Article How to Protect Sensitive Data in Your SAP Systems with Read Access Logging

OPM Data Breach Reveals the Limitations of Cybersecurity Solutions

Posted on
The fallout from the record-breaking breach disclosed by the Office of Personnel Management (OPM) earlier this month reached a low point at a Capitol Hill hearing on June 16. During the hearing, members of the House Committee on Oversight and Government Reform scolded OPM officials and IT executives for their “complete and utter failure” to protect …
Read Article OPM Data Breach Reveals the Limitations of Cybersecurity Solutions

Are 95 percent of SAP systems really vulnerable to cyber attack?

Posted on
Earlier this month, SAP issued a strongly-worded response to claims made by the software vendor Onapsis in a press release that over 95 percent of SAP systems assessed by Onapsis were exposed to vulnerabilities that could lead to the compromise of SAP systems. According to SAP, “The press release published by Onapsis is aimed at …
Read Article Are 95 percent of SAP systems really vulnerable to cyber attack?

Turn the Tide against Cyber Attacks with SAP Enterprise Threat Detection

Posted on
One of the most striking facts revealed by the 2014 Verizon DBIR is that only one in every six data breaches are detected by organizations that are the victim of such breaches. The statistic revealed that the vast majority of organizations lack the capability to detect incidents that lead to a data breach. According to …
Read Article Turn the Tide against Cyber Attacks with SAP Enterprise Threat Detection

Discover Security Patches for your SAP Systems using System Recommendations

Posted on
One of the most startling facts revealed by the 2015 Cyber Risk Report is that over 44 percent of data breaches stem from the exploitation of known vulnerabilities that are over two years old. This suggests that effective patching can dramatically lower the likelihood of a successful data breach and, when employed with other countermeasures …
Read Article Discover Security Patches for your SAP Systems using System Recommendations