SAP S/4HANA, the core ERP product from SAP, is a complex solution. With more than 300 million lines of code, and a broad variety of modules and components, it’s not only very powerful – it can also be overwhelming to find the settings and features y...
When we speak to customers about security, we often hear the requirement for “more encryption”. Which makes sense, doesn’t it? After all, with todays’ encryption algorithms, anyone who is able to steal encrypted data cannot really do anything with th...
3.3 Terminated or Transferred Users Risk Users have access privileges even though they transferred to a new business role, potentially creating a segregation of duties conflict or users who have been terminated are still active in the system, creatin...
This blog post is part of our series about how to audit SAP S/4HANA Cloud public edition.Role Concept: Business Catalogs vs. PFCG Roles SAP S/4HANA Cloud simplifies the role assignment by introducing business catalogs as the smallest assignable entit...
Two-thirds of the Earth's surface is covered with water. The other third is covered with auditors from headquarters.”- Norman Ralph Augustine -Trigger & BackgroundIronic as it is, the quote above does carry some truth. For every larger and/or publicl...
Hi GeorgiaFrom my understanding, IEC 62443 is tailored very specifically to Industrial Automation and Control systems, for example the software that controls a robot that puts together car parts. The scope of SAP S/4HANA is different to that. Having ...
Hi Gerardwhat log files are you looking for specifically and why?Please keep in mind that not all events, especially infrastructure related log events, can be shared for confidentiality reasons. Nor would they need to, as we as cloud provider operate...
Hi Marian
sorry about that - I changed the reference in the blog post and will let you know once the note is actually published. Something to look forward to, though
Hi Yonko
thanks for the insight. I'd definitely agree that the bug bounty program is helpful in developing a more secure application - and ever since we participate, it has become an important pillar in making S/4HANA more secure.