Defense and Security

Here’s another magic lesson. Today we will focus on the SAP_ALL profile. This profile contains all SAP authorizations (in ABAP systems), meaning that a user with the SAP_ALL profile can perform any action in the system. That’s why SAP... Read More »

The new generation of road maps is here at SAP! Similar to how paper maps were reshaped by navigation systems and digital maps, classic PDF road maps are being transformed by the SAP Road Map Explorer. This interactive tool helps customers and... Read More »

In 2021, emerging technologies and accelerated digitalization are forcing IT departments to transform their cybersecurity strategy and approach. The transformation takes place simultaneously – from securing systems, building a secure cloud... Read More »

Cybersecurity is everyone’s business. Nevertheless, at the end of 2019, we (as well as the cybersecurity field in general) still have a lack of diversity in this vibrant field. By diversity, we mean all: cultural background, educational... Read More »

The SAP Road Map Explorer was recently released to help SAP customers customize road maps according to their needs. In 5 simple steps, customers can navigate the tool in an easy and intuitive way. To first access the tool, log-in with your S-user... Read More »

NWBC was originally designed to enable users to access data using multiple UI technologies from a single ABAP back end system. To make data access secure, we now recommend combining NWBC with SAP NetWeaver Single Sign-On. This solution is both... Read More »

As you may know there are some basic rules in SAP Security. One of them is to prohibit direct modifications in production systems. All changes in SAP system have to be first implemented in the development system and then could be promoted through... Read More »

Why do people buy cars? To get around. There may be other reasons, but in the end, what people want is mobility. Car ownership, however, comes with associated trappings. You’ll need a license and insurance. You may also need financing. And... Read More »

I continue my posts regarding secret knowledge of SAP Consulters to bypass your security. And today I will tell you about calling SAP transactions without authorizations for them. It is known that to invoke transaction codes users need the S_TCODE... Read More »

I am starting today a new blog series about how to use the logon trace created via SM50 to resolve logon-based issues. I will use the logon trace to analyze password issues, issues with SSO based on logon tickets and issues with SSO based on X.509... Read More »