Rootkits and Trojans on Your SAP Landscape

[This article was presented at CCC Annual Congress, Berlin, 2010] SAP Security and the Enterprise Ertunga Arsal SAP systems are the heart of many enterprises. Most critical business functions run on SAP Applications and the complexity of these systems makes it very difficult to protect against attackers. Default setups, forgotten/unimplemented security configurations, weak password management…

SAP Password Security Audit Services by ESNC

Proper authentication is the key to proper segregation of duties. Any compromised/easy to guess account can cause irrecoverable harm to companies. Enterprises which put a lot of effort in governance and compliance know that any mistake such as one default password forgotten in an overlooked client e.g client 066 or one weak password used by…

ESNC Security Suite - SAP Security Audit results

SAP Security Audit and Assessment Services On-site

We support you by on-site SAP security reviews, where we focus both on insider threats and Internet based attack vectors. Based on the SAP security audit results; performance, and availability problems can be prevented before they affect critical operations. We provide technical assessment of your SAP infrastructure to help prevent the problems that can affect…

ESNC – SAP Security Training

It is ideal to organize the SAP security training right after the SAP security audit or ABAP security review is completed. This way actual SAP security assessment results can be used during the SAP security workshops. This increase SAP security awareness. We provide two separate tracks for SAP security training:   Track A: SAP System…

SAP BW Security

SAP BW systems have access to critical data. The security in this field mostly focuses on SAP BASIS security and specialized BW authorizations. We help our customers with SAP security audit services specialized on SAP BW systems. This includes security assessment of SAP Java stack and ABAP stack for BI systems. We audit the ICF/ITS…

ESNC Antivirus - Backdoor/Rootkit Detection for SAP ABAP Systems - Risk Management View

Rootkit/Backdoor Analysis of SAP systems

SAP backdoors and SAP rootkits are the reality of today. Whether a disgruntled employee seeking revenge or a competitor who tries to obtain ‘competitive advantage’, we see more and more cases of backdoored SAP systems. We provide backdoor analysis services for mission critical production systems where we look for signs of tampering. Attackers use many…

SAP HR Security

SAP HR/HCM security is gaining more popularity because of the recent legal changes to handling of private information in Germany and in other countries. We offer SAP security audit services specialized on HR systems. Combined with an ABAP security analysis, we can detect most of the critical issues on customer SAP HR systems in a…

SAP CRM Security

SAP CRM Security is becoming more and more important with the wide adoption of Internet facing applications. We help our customers with SAP security audit services specialized on SAP CRM systems. This includes security assessment of SAP Java stack and ABAP stack for CRM systems. We audit the ICF/ITS systems security, SAP Java AS security,…

ESNC Security Suite - SAP Security Audit results

Top 5 SAP Security Recommendations

What are the top 5 SAP security recommendations? SAP security is crucial. At ESNC, we have conducted numerous SAP security assessments to date. Based on our experiences with multiple large enterprise customers and financial organizations, we’d like to summarize our top 5 recommendations for having a secure SAP landscape in this knowledge base article. We…

ESNC – SAP Forensics

ESNC provides SAP forensic analysis services for security incident response teams and for law enforcement. Whether it is an SAP system breach or a case of corporate fraud, the financial risks of economic crime can be immense. We help to investigate, analyze and resolve potential crises and provide forensic advisory services upfront to prevent them.…

ESNC Antivirus - Backdoor/Rootkit Detection for SAP ABAP Systems - Risk Management View

SAP GUI Security

SAP GUI vulnerabilities are a critical part of SAP security and they should not be overlooked during SAP security audits and regular SAP scans. SAP GUI security affects the security of workstations that SAP users are using for connecting to their SAP systems. It can be attacked locally as well as remotely through the system using backwards…