sapsec.blogspot.com
SAP-Security.nl: How to monitor the use of &SAP_EDIT and how to disable it
http://sapsec.blogspot.com/2011/08/how-to-monitor-use-of-and-how-to.html
How to monitor the use of &SAP EDIT and how to disable it. Although the lates SAP releases have decreased the possibility to tamper with table data, there are still some loopholes that need your attention. On home4sap.com shows you how to stay in control. Robert P. Calfee. This post is probably where I got the most useful information for my research. Thanks for posting, maybe we can see more on this. Are you aware of any other websites on this. March 7, 2013 at 5:16 AM. William L. Galloway Galloway.
sapsec.blogspot.com
SAP-Security.nl: Segregation of Duties in SAP: a brief instruction
http://sapsec.blogspot.com/2012/07/segregation-of-duties-in-sap-brief.html
Segregation of Duties in SAP: a brief instruction. Is now in English! As of SAP Web AS 6.20 the ABAP report RSUSR008 009 NEW (transaction S BCE 68002111) has been made available in SAP. This report combines the (quite useless! Old reports RSUSR008 and RSUSR009 and had has become a simple but reliable tool to import your SoD rule set and to report on it. It's possible to report on sole 'authorization id' (Critical Authorizations) or on a combination of 2 different 'authorization id's' (SoD). Now a days sa...
sapsec.blogspot.com
SAP-Security.nl: SAP Espresso Sessies
http://sapsec.blogspot.com/2011/09/sap-espresso-sessies.html
Afgelopen donderdag zat er weer een uitnodiging in de mailbox voor de nieuwe SAP Espresso Sessies. Webinars van 25 minuten waarin je wordt bijgepraat over diverse onderwerpen. In de afgelopen anderhalf jaar zijn er i.i.g. een tweetal sessies geweest die ook interessant waren voor de SAP Security community. Ik heb hierover niet bericht maar gelukkig zijn deze presentaties wel terug te kijken:. PASSWORD MANAGEMENT MADE EASY WITH SAP (29-9-2010). Subscribe to: Post Comments (Atom). Get help in SAP Security.
sapsec.blogspot.com
SAP-Security.nl: Useful information on how to use SU25
http://sapsec.blogspot.com/2011/09/useful-information-on-how-to-use-su25.html
Useful information on how to use SU25. I was looking for instruction material for SU25 (Profile Generator: Upgrade and First Installation) and found these useful instructions:. William L. Galloway Galloway. Hi this is shiva kumar i am working on sap bwbi. i just browsing blog s on hana there i found your blog is interesting . i like to say thank for sharing a information on sap sap-security. April 4, 2013 at 11:16 AM. Subscribe to: Post Comments (Atom). Get started in SAP ECC Security. SAP BW 3.5. SAP Go...
sapsec.blogspot.com
SAP-Security.nl: Verslag VNSG Focusgroepbijeenkomst op 8 september over Basis Security
http://sapsec.blogspot.com/2011/09/verslag-vnsg-focusgroepbijeenkomst-op-8.html
Verslag VNSG Focusgroepbijeenkomst op 8 september over Basis Security. Op 8 september waren we te gast bij. MinDef) op de Frederikkazerne in Den Haag. Gelukkig was de zaal groot genoeg, want met zo’n 35 personen hadden we weer een zeer aardige opkomst. En we werden niet teleurgesteld want de presentaties waren zeer interessant en onderhoudend. Joris van de Vis and Fred van de Langenberg van ERP Security. Lieten op zeer overtuigende wijze zien. Maaike Duchateau van Philips. Gaf in haar presentatie. Ook ga...
sapsec.blogspot.com
SAP-Security.nl: How to secure PFCG & SU01 combination for SoD
http://sapsec.blogspot.com/2012/05/how-to-secure-pfcg-su01-combination-for.html
How to secure PFCG and SU01 combination for SoD. I found an interesting article on SAPTechies.com. On how to assign SU01 and PFCG (one in display mode of course) to the same user, but still manage to secure SoD that exists in maintaining roles and users:. Depending on the authorization you have, the system behaves as follows:. You only have authorization for the user assignment (S USER AGR, ACTVT=22):. You have both authorizations (S USER AGR, ACTVT=02 and 22):. If the automatic user master comparison is...
sapsec.blogspot.com
SAP-Security.nl: Verslag bijeenkomst over SAP GRC Access Control van 13 december 2011
http://sapsec.blogspot.com/2012/01/verslag-bijeenkomst-over-sap-grc-access.html
Verslag bijeenkomst over SAP GRC Access Control van 13 december 2011. Op dinsdag 13 december hadden we de laatste bijeenkomst van 2011 bij Logica in Rotterdam (gastheer was Jurgen de Kok). Deze bijeenkomst stond geheel in het teken van SAP GRC. Voor de diverse downloads van deze presentaties (bij GRC AC 10.0 staat de presentatie die Erwin Albers had willen geven). Tevens zijn er data gepland voor de bijeenkomsten in 2012:. 183; donderdag 15 maart 2012. 183; dinsdag 12 juni 2012. SAP Certified Technology ...
sapsecuritylinks.blogspot.com
SAP Security Links: SAP Security Links
http://sapsecuritylinks.blogspot.com/2007/05/start-sap-security-links.html
This site has been moved to www.sap-security.nl. The links below are all related to SAP ECC Security. Get started in SAP ECC Security. Security on SAP's Public Web. Authorization Made Easy 46A/B (PDF 20 MB! Course: ADM940 SAP Authorization Concept. Course: ADM950 Secure SAP System Management. Course: ADM960 Security in SAP System Environments. Certification: SAP Security 2004. Get help in SAP Security. Security in the SAP Help Portal. Forum: SDN SAP Security. Forum: IT Toolbox SAP Security. SAP BW 3.5.