SAP S/4 HANA Security Guide: Introduction

This article is the first and introductory part of a new series of guidelines describing the main security areas of SAP S/4 HANA and SAP HANA systems. It is well-known that ERP systems such as SAP ECC and SAP S/4 HANA in particular may dramatically enhance the quality and speed of the management of all The post SAP S/4 HANA Security Guide: Introduction appeared first on ERPScan.
Read more

SAP Cyber Threat Intelligence report – September 2017

The SAP threat landscape is always growing thus putting organizations of all sizes and industries at risk of cyberattacks. The idea behind SAP Cyber Threat Intelligence report is to provide an insight on the latest security threats and vulnerabilities. Key takeaways This set of SAP Security Notes consists of 33 patches with the majority of The post SAP Cyber Threat Intelligence report – September 2017 appeared first on ERPScan.
Read more

SAP Vulnerability Management. Part 4: Reporting

Vulnerability Management is the most fundamental security practice that provides discovery and security assessments of SAP systems. An approach to recognizing weak points drives security patching, incident management, security event monitoring and all other security capabilities. Communication is a key success factor in streamlining the efforts of different teams engaged in patching, incident recovery, and The post SAP Vulnerability Management. Part 4: Reporting appeared first on ERPScan.
Read more

EAS-SEC. Oracle PeopleSoft Security Configuration. Part 6: Insecure settings

A typical PeopleSoft system is quite large and complex, so there are a lot of settings, which affect its security. Some of them we have already described. This part of the guideline is focused on specific insecure configurations, which can’t be tied to any other group. There are 4 important areas that should be covered; The post EAS-SEC. Oracle PeopleSoft Security Configuration. Part 6: Insecure settings appeared first on ERPScan.
Read more

SAP Cyber Threat Intelligence report – August 2017

The SAP threat landscape is always growing thus putting organizations of all sizes and industries at risk of cyberattacks. The idea behind SAP Cyber Threat Intelligence report is to provide an insight on the latest security threats and vulnerabilities. Key takeaways This set of SAP Security Notes consists of 19 patches with the majority of The post SAP Cyber Threat Intelligence report – August 2017 appeared first on ERPScan.
Read more

SAP Security Notes July 2017

On the 11th of July 2017, SAP released its monthly set of SAP Security Notes consisting of 23 patches. To help everyone who is engaged in SAP patching process, ERPScan research team conducted a detailed review of the released SAP Security Notes. This analysis comes in handy for companies providing SAP Vulnerability Assessment, SAP Security The post SAP Security Notes July 2017 appeared first on ERPScan.
Read more

Analyzing Oracle Security – Oracle Critical Patch Update July 2017

Today Oracle has released its quarterly patch update for July 2017. It fixes a record number of 308 vulnerabilities. The main highlights are as follows: The number of security issues released every quarter keeps growing. Once again, the vendor issued the highest number of its security patches (308) ever. July’s CPU contains 27 vulnerabilities assessed The post Analyzing Oracle Security – Oracle Critical Patch Update July 2017 appeared first on ERPScan.
Read more

EAS-SEC. Oracle PeopleSoft Security Configuration. Part 5: Open remote management interfaces

In most cases, enterprise applications provide functionality for remote administration of the systems as well as access to various technical services. Such services can be available for connection from the Internet, and, in case of unsafe settings, be remotely managed without any authentication procedure. PeopleSoft applications are integrated, and most of the remote configuration is The post EAS-SEC. Oracle PeopleSoft Security Configuration. Part 5: Open remote management interfaces appeared first on ERPScan.
Read more

More than 1000 PeopleSoft applications are exposed to the Internet. What are the risks?

Oracle PeopleSoft is widely implemented in midsize companies and large enterprises (many from the Fortune 100) in various industries to manage resources. This software is also in use at Governmental and Higher education institutions. PeopleSoft Suite includes Human Capital Management, Financial Management, Supplier Relationship Management, Supply Chain Management, and other applications. No need to say The post More than 1000 PeopleSoft applications are exposed to the Internet. What are the risks? appeared first on ERPScan.
Read more

SAP Cyber Threat Intelligence report – July 2017

The SAP threat landscape is always growing thus putting organizations of all sizes and industries at risk of cyberattacks. The idea behind SAP Cyber Threat Intelligence report is to provide an insight into the latest security threats and vulnerabilities. Key takeaways July’s set of SAP Security Notes consists of 23 patches with the majority of The post SAP Cyber Threat Intelligence report – July 2017 appeared first on ERPScan.
Read more