Learn how to extend and personalize SAP applications. Follow the SAP technology blog for insights into SAP BTP, ABAP, SAP Analytics Cloud, SAP HANA, and more.
Monitoring for Security Policy and Compliance Rules
Description
Security monitoring is the automated process of collecting and analyzing indicators of potential security threats. SAP Solution Manager executes configuration validation reports to compare the current configuration of one or more systems with a reference system.
The reference system can be either a real, existing system or a virtual target system containing user-defined configuration criteria.
Tools
Demo
Configuration validation delivers 4 areas of Predefined configuration elements for security:
User Authentication: Maintain account and identity management. (Standard Users with default password, Insufficient password policy, ...)
Authorizations: Check who is allowed to do what. (Users with full authorizations for S_RFC, Users with SAP_ALL, ...)
System Security: Code security, RFC, network and interfaces. (Missing security Notes, Trusted RFC, ..)
Auditing and Logging :Security audit log is properly activated.
