Blogs tagged vulnerabilities

With Content Delivery Package 4, we introduce a new category of use cases for SAP Enterprise Threat Detection called ETD self defense. The delivered new workspaces and patterns for this category are designed to help you keep the operation of SAP... Read More »

SAP regularly releases security notes for newly known vulnerabilities on Security Patch Day. With SAP Enterprise Threat Detection (ETD) SAP offers timely updates of attack detection patterns that will help safeguard you against exploit attempts of... Read More »

Security SP07 includes numerous new and enhanced features for business and technical users of Enterprise Threat Detection. Special attention was given to usability (alert and investigation handling, search capabilities, templates), technical... Read More »

There are good blogs regarding Cross Site Scripting ( XSS ) topic in SAP Community: XSS (Cross-Site Scripting) – Overview and Contexts XSS (Cross-Site Scripting) – Methodology and Solutions In this blog, I just show how to build a simple XSS... Read More »

Introduction The Enterprise Portal as we know serves as a central conduit channel through which we can access essential information, business applications and all associated business data. Within an organizational environment a Portal environment is... Read More »

Well this is a continuation of my previous blog on XSS (Cross-Site Scripting) – Overview and Contexts and this time I will continue with attack methodology and solutions. Actually if we think closely we can realize that each attack should... Read More »

XSS – Cross-Site Scripting is no more new in the world of IT Security in fact one of the most popular and common vulnerabilities. There are many blogs, clean sheets, security tips/tricks, advices and other resources available in the web. This... Read More »

It seems like every time I open up my RSS feed lately, I’m greeted with a large number of blog posts on yet another exploit being discovered.  Off the top of my head, the big ones that come to mind are Heartbleed, POODLE, FREAK – I... Read More »

Good news for everyone who likes to keep hackers and industrial spies on the other side of their network defenses: There is a full load of SAP security talks, SAP vulnerability demos, SAP risk discussions and even a “capture the flag”... Read More »

The security conference Troopers (http://www.troopers.de) has a special track on SAP security this year. The talks are about Attacks against SAP Application Server Java (J2EE) Risks for hosted SAP installations Attacks against BusinessObjects... Read More »