SAP Security Whitepapers and Articles
Read more about security in these papers and articles. They contain the results of our research on SAP security topics as well as advice on secure programming.
SAP Security Recommendations - Protecting Java- and ABAP-based SAP Applications Against Common Attacks
SAP AG, June 2011.
Published here with kind permission of SAP AG. This SAP white paper was developed with support from Virtual Forge.
Source: SAP Service Marketplace
The ABAP Underverse
By Andreas Wiegenstein, presented at Black Hat Europe, Barcelona, 2011
Latest research results on risky ABAP-to-kernel communication and ABAP-tunneled buffer overflows.
Software Supply Chain Integrity in SAP Applications
Article in Security Acts, by Sebastian Schinzel, Gunter Bitz, Andreas Wiegenstein, Markus Schumacher & Frederik Weidemann, 2009
"The integrity of the growing software supply chains is a serious risk, because more and more people are involved in the creation of software applications. More developers and the increasing complexity of software applications result in a greater risk for security flaws in the applications on one hand. On the other hand, companies create software applications within a long supply chain, which raises the question of how to verify the integrity of the supply chain. A set of security requirements used as acceptance criteria in combination with static code analysis tools increase the confidence in the integrity of software supply chains."
Writing Fast and Secure Code in C
By Sebastian Schinzel
Describes the particular susceptibility of C code to buffer overflows and explains how developers can harden their code against this and other vulnerabilities.
Web Application Vulnerability Scanners - a Benchmark
By Andreas Wiegenstein, Frederik Weidemann, Sebastian Schinzel, Dr. Markus Schumacher
Analyzes the efficiency and reliability of black-box scanners when searching for vulnerabilities in web applications.
The Cross Site Scripting Threat
By Andreas Wiegenstein, Dr. Markus Schumacher, Xu Jia, Frederik Weidemann
Detailed (technical) discussion of Cross-Site Scripting vulnerabilities and their damage potential.
The Impact of Cross-Site Scripting on Your Business
By Andreas Wiegenstein
High-level overview of the business risks related to Cross-Site Scripting vulnerabilities.
