One of the advantages of cloud applications is that you don’t have to take care of security. Which is true – mostly. In reality, while most of the security responsibilities and tasks are taken over by the cloud service provider, there are some things...
SAP S/4HANA, the core ERP product from SAP, is a complex solution. With more than 300 million lines of code, and a broad variety of modules and components, it’s not only very powerful – it can also be overwhelming to find the settings and features y...
When we speak to customers about security, we often hear the requirement for “more encryption”. Which makes sense, doesn’t it? After all, with todays’ encryption algorithms, anyone who is able to steal encrypted data cannot really do anything with th...
3.3 Terminated or Transferred Users Risk Users have access privileges even though they transferred to a new business role, potentially creating a segregation of duties conflict or users who have been terminated are still active in the system, creatin...
This blog post is part of our series about how to audit SAP S/4HANA Cloud public edition.Role Concept: Business Catalogs vs. PFCG Roles SAP S/4HANA Cloud simplifies the role assignment by introducing business catalogs as the smallest assignable entit...
HI Jimesh,Can you please specify which product/solution you have?Have you considered our Enterprise Threat Detection? Amongst other things, it can read and process the SAL and forward it to other solutions.Hope that helpsBestPatrick
Hi GeorgiaFrom my understanding, IEC 62443 is tailored very specifically to Industrial Automation and Control systems, for example the software that controls a robot that puts together car parts. The scope of SAP S/4HANA is different to that. Having ...
Hi Gerardwhat log files are you looking for specifically and why?Please keep in mind that not all events, especially infrastructure related log events, can be shared for confidentiality reasons. Nor would they need to, as we as cloud provider operate...
Hi Marian
sorry about that - I changed the reference in the blog post and will let you know once the note is actually published. Something to look forward to, though
Hi Yonko
thanks for the insight. I'd definitely agree that the bug bounty program is helpful in developing a more secure application - and ever since we participate, it has become an important pillar in making S/4HANA more secure.