Search

SAP environments rely heavily on transports, which serve as a means of transferring changes between systems, implementing new functions, performing patches and updates, and installing third-party applications. Transports are crucial for effective change management processes in SAP. However, assessing their security risks across multiple SAP systems residing in complex, hybridized environments can be a challenge….

SAP applications are crucial to business operations and, therefore, prime targets for cyber threats. Traditional IT security measures often prove insufficient, highlighting the urgent need for dedicated SAP vulnerability management and threat detection processes. In this article, we explore these strategies and use the analogy of securing an office building to demonstrate their necessity. Vulnerability…

The Pathlock Innovation Series (running 6/26-6/28) is a free, virtual event that will address today’s most critical challenges related to application governance, risk and compliance DALLAS, June 20, 2023 – Pathlock, the leading provider of cross-app internal controls automation, risk management and application security, announces the latest installment of the Pathlock Innovation Series. The free,…

In the complex world of SAP enterprise systems, an underestimated security threat often slips under our notice – the RFC (Remote Function Call) callback attack. This exploit has particular relevance to SAP due to the nature of inter-system communication. In this article, we’ll unpack RFC callback exploits, their potential dangers, and how Pathlock can help…

SAP application breaches are more common than you might think, and one of the prime causes is unsecured ABAP code. Backdoors can creep into your code, either intentionally planted by malicious actors or through outdated, obsolete code and configuration errors. Such backdoors can become embedded in the massive number of ABAP code lines necessary for…

What is SAP Access Control? SAP Access Control, part of SAP Governance Risk and Compliance, is an enterprise-grade software application that lets you control access to SAP applications and resources. It can help you make sure business users have the right access to SAP, minimizing the time and cost spent on achieving compliance. SAP Access…

What are SOX Controls? SOX controls, also known as SOX 404 controls, are rules that can prevent and detect errors in a company’s financial reporting process. Internal controls are used to prevent or discover problems in organizational processes, ensuring the organization achieves its goals. SOX controls are driven by the 2002 Sarbanes Oxley Act (SOX)…

At the SAPinsider 2020 virtual conference experience, one of our product demo attendees asked how Pathlock works with SAP GRC Access Control. We get this question a lot as SAP security and system professionals explore adding attribute-based access controls (ABAC) to the native SAP role-based access controls (RBAC) to streamline and strengthen access policy management…