About Frank_Buchholz

Frank_Buchholz

Introduction A security policy is a collection of security policy attributes and their values. This definition replaces the definition of behavior with profile parameters: once a security policy is assigned to a user master record, this determines th...

Frank_Buchholz

Risk zone ! The password hash algorithm used by ABAP based systems had evolved over time. Older hash algorithms are seen as weak nowadays and you should get rid of any such weak password hashes. References: Blog SAP password hashes security from...

Frank_Buchholz

The Security Optimization Service (SOS) is designed to check the security of your SAP system (see Introduction to Security Optimization Service (SOS) – Security health Check report). The SOS report shows two tables with results and findings. In the...

Frank_Buchholz

You can increase the security of your system landscape with the Trusted RFC concept (see Trusted Systems: Maintain Trust Relationships Between SAP Systems). This blog describes how Trusted RFC can be configured securely. Some well-known impacts of i...

Frank_Buchholz

You can use SAP NW Identity Management to develop a central password self-service applications which can be used by all users to set their password in various backend systems. Well, I agree that implementing Single Sign-On is always better than deali...

Frank_Buchholz

Caution: this (otherwise very good blog) blog shows the old template roles roles (which I guess still work).However, nowadays you should use these roles instead (and never ever, think about using SAP_ALL):Note 2000585 - CUA: Assigning minimal authori...

Frank_Buchholz

You find the detailed explanation for event BUS in KBA 3491036 - Security Audit Log: BUS Event Details

Frank_Buchholz

Here are some information about the unknown policy attributes:--Security Policy Attribute SESSION_MEMORY_LIMIT_EXEMPTIONFor certain ABAP programs that require a large volume of memory, you can extend the session memory quota by setting profile parame...

Frank_Buchholz

>Hi @Frank_Buchholz, due to the latest SAP Community update,>the layout of your blog post looks horrible now (huge blank spaces),>if you don't mind could you fix it please?@Sandra_Rossi Ho Sandra,I've no idea what I can do about this ugly change: I c...

Frank_Buchholz

Hi Diego, yes, I'll talk about this note in the monthly Security Notes Webinar (13.12.2023 ASUG / 14.12.2023 Enterprise Support and DSAG) and will tell something like this: If you just use BTP services (as in SAAS scenarios) but not develop own app...

User Statistics

User Activity

Show overview about security policies (SECPOL)

Report ZCLEANUP_PASSWORD_HASH_VALUESX - Remove weak password hash values

Show the results of the Security Optimization Service

Secure Trusted RFC in GRC Access Control EAM and other Applications

How to validate passwords using a Regex in SAP NW Identity Management

Re: Central User Administration(CUA) Configuration

Re: Analysis and Recommended Settings of the Security Audit Log (SM19 / RSAU_CONFIG, SM20 / RSAU_REA

Re: Show overview about security policies (SECPOL)

Re: Analysis and Recommended Settings of the Security Audit Log (SM19 / RSAU_CONFIG, SM20 / RSAU_REA

Re: Unveiling Critical Security Updates: SAP BTP Security Note 3411067