Security Basics
[Onapsis Research Labs] New SAP Security In-Depth issue: "Preventing Cyber-Attacks Against SAP Solution Manager" Sep 04 2013 09:48PM
Onapsis Research Labs (research onapsis com)
Dear colleague,

We are happy to announce a new issue of the Onapsis SAP Security In-Depth publication.

SAP Security In-Depth is a free publication led by the Onapsis Research Labs with the purpose of providing specialized
information about the current and future risks in this area, allowing all the different actors (financial managers,
information security managers, SAP administrators, auditors, consultants and others) to better understand the involved
risks and the techniques and tools available to assess and mitigate them.

In this edition: "Preventing Cyber-Attacks Against SAP Solution Manager", by Nahuel Sanchez and Juan Perez-Etchegoyen.
By design the SAP Solution Manager is connected to all SAP systems (i.e. ERP, CRM, BI, etc), making it a critical
component of any SAP implementation: if successfully exploited by an attacker, all the satellite SAP environments, and
therefore their business information, can be ultimately compromised.

Despite its relevance, common IT security practices have traditionally overlooked this component, resulting in many
insecure implementations. This issue presents key security concepts about the Solution Manager, introduces an in-depth
analysis of critical cyber-threats affecting it and, more importantly, outlines a list of mitigation techniques and
countermeasures to protect SAP Solution Manager implementations.

By understanding and leveraging this information, SAP and Information Security professionals can increase the overall
security level of their company's SAP platform, better protecting their organization's business-critical information.


The full publication can be downloaded from

We hope you enjoy this new issue!

Kindest regards,


Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.;4175;25;1371;0;5;946;e13b6be442

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus