Skip to Content
Author's profile photo Frank Koehntopp

Welcome to the SDN Security Forum!

You New Forum for security-related questions, we’re happy to comply: I am proud to announce that the Security is now open for business.

The official description is “Strategic SAP product security issues and questions in the areas of secure user access, such as Single Sign-On and Identity Management, secure collaboration, such as message security (encryption) and trust management as well as infrastructure security questions that span more than one SAP NetWeaver component, should be posted here.”.

Practically speaking, this will be a place to discuss all things security, even if they can’t be directly linked to an SAP software component. Processes around security management or IT risk management are fine as well.

We will start things by moving all (well, all we can find…) security related posts that are now buried in all the other forums into the security forum – using Craig‘s words, this is supposed to be the “one true place for security related issues”.

The SDN Security forum will be moderated by myself and two colleagues from the SAP Global Focus Group Risk Management & IT Security – Michael Altmaier and Christian Wippermann. We’ll be happy to discuss all your security questions. Questions around SAP’s new GRC Initiative are not directly in focus, but as long as there’s no separate forum for this, we’ll be happy to serve as a temporary home.

One request: please do NOT use the forum to post new security issues you may find in a SAP component. The reason for this is not that we’re trying to hide these issues, quite the contrary: we’d like to address them as fast as humanly possible, and this is why they still need to go to, where our dedicated security product experts will take care of them.

Let me finish this post with a quote from Confessions of a master jewel thief by Bill Mason:

“Nothing works more in a thief’s favor than people feeling secure. That’s why places that are heavily alarmed and guarded can sometimes be the easiest targets. The single most important factor in security — more than locks, alarms, sensors, or armed guards — is attitude. A building protected by nothing more than a cheap combination lock but inhabited by people who are alert and risk-aware is much safer than one with the world’s most sophisticated alarm system whose tenants assume they’re living in an impregnable fortress.”

Secure and happy posting, everyone – I’m looking forward to your discussions!

Assigned Tags

      You must be Logged on to comment or reply to a post.
      Author's profile photo Former Member
      Former Member
      ...for listening to us wanting to have a forum to discuss general security related quiestions.

      I will be a frequent guest in this forum, trying to answer as many questions as possible.

      My own concern is most of identity management issues. How does other manage their identities within their corporations.

      Author's profile photo Former Member
      Former Member
      I think this is going to be the most popular  FORUM on SDN...

      The most relevant question today is How to cope with different data privacy policy in different countries...

      Let us start a buzz on it and have some fruitful discussion...


      Author's profile photo Former Member
      Former Member
      This has definitely been a long time coming, thanks so much for providing it!