[CVE-2024-41730: CRITICAL] In SAP BusinessObjects Business Intelligence Platform, if Single Signed On is enabled on Enterprise authentication, an unauthorized user can get a logon token using a REST endpoint. The attacker can fully compromise the system resulting in High impact on confidentiality, integrity and availability. https://lnkd.in/eRAXxAke
CVE Find’s Post
More Relevant Posts
-
[Tomorrow] Join Alex Horan and Juan Perez-Etchegoyen as they discuss the importance of securing SAP BTP: ⇨ The unique challenges and vulnerabilities of securing SAP #BTP ⇨ An in-depth overview of authentication mechanisms, authorization controls, and encryption protocols. ⇨ Proactive measures for #threatdetection, #incidentresponse, and compliance adherence. Register via the link in the comments 🔽
Onapsis + SAPinsider Webinar
-
Just 4 days to go until our SAP Partner Summit 2024 Recap Webinar! Prepare to join Elizabeth Miller and Lauren Flowers for a concise overview of SAP's strategic roadmap. Secure your spot today to transform your business.
Get a concise overview of SAP’s strategic roadmap and the updates set to shape the landscape of business technology, directly impacting your business. Save the Date! Join us on May 30th hosted by Elizabeth Miller and Lauren Flowers from Quaint Business Solutions. 🔍 What You'll Learn: Future Innovations: Discover what’s next for SAP B1 and the exciting features in Feature Pack 2405. Enhanced Security: Understand the latest advancements in security and data privacy.
-
I help Cyber Security & IT leaders with their complex challenges in IAM/IGA/PAM/AAG & External Identities
With SAP GRC reaching end-of-life by 2027 and Oracle GRC by May 2025, now is the time to rethink your access governance strategy. A fine-grained Application Access Governance (AAG) solution is crucial for: 🔍 Providing granular visibility into application permissions. 🔒 Enhancing security and compliance across your organization. 🚀 Seamlessly transitioning from legacy GRC systems. 📊 Ensuring detailed control and monitoring of user access. Now is the time to start engaging with an Identity Authority vendor like Saviynt to make sure your critical ERP applications are secure, compliant and always audit-ready. #AccessGovernance #Security #Compliance #SAPGRC #OracleGRC #DigitalTransformation
-
Read important ask! I have seen a lot of people reaching out to me via different channels with real-life use cases. I would like to share each of their asks on this channel if you like 👍, else I would continue as is. One of the lead architects reached out to me and told me that they want to sign a JWT using HS256 using DataWeave. I asked why, as they mentioned the source is signing the JWT using RSA 256, but the target SAP does not support the RSA algorithm. Therefore, I need to decode the source JWT in the Middleware and sign it using my own private key with HS256 before sending it to SAP. I provided an end-to-end solution, but at the same time, I mentioned that it is not recommended to tamper with incoming JWTs for the sake of business. I advised them to seek approval from the IT Information Security team before proceeding 😊. Feel free to comment if you are looking to learn enterprise-level concepts irrespective of technology. ✅ I would create study groups and a page, so please suggest some page names. #enterprisearchitecture #integration
-
Anyone involved in connectivity hardening for SAP landscapes has likely wondered if it is possible to use the latest TLS protocol 1.3 for HTTPS connections 🤔 The general answer to that question for the main technology stacks has been a simple “no” for a long time. TLS 1.2 was the highest available version. However, that situation is shifting because, with recent releases of the SAP Kernel and CommonCryptoLib, there is support for TLS 1.3. In this article, our SAP security specialist Gert-Jan Koster explores this topic further and makes some suggestions for implementation. Let’s dive in! 👉 https://lnkd.in/dpp_PFpg #TLS #TLSProtocol #TransportLayerSecurity
-
Need to untangle your identity governance mess? Call the experts at S3, who recently helped a Fortune 500 food giant implement SailPoint, integrating it with their SAP platforms. The result? A 37% decrease in provisioning time and an auditor-pleasing security posture locked tighter than Fort Knox. When it comes to complex identity needs across SAP and other environments, S3's unmatched expertise delivers measurable transformation. Don't settle for amateur hour - get world-class identity governance from the pros. #identitysecurity #cybereducation #techforgood
-
Hey SAP administrators, New SAP Security Notes have arrived. Check our blog and 2 SAP vulnerability advisories. CVE-2024-47594 - https://lnkd.in/eaBwSwH6 CVE-2024-37180 - https://lnkd.in/e8uMzyHZ #sapnotes #sapsecurity #patchday #sappatchday
SAP Security Patch Day - October 2024
https://redrays.io
-
Introducing the Oracle Identity Manager Connector for SAP Ariba. Discover how it can enable Oracle Identity Governance to provide heightened security posture, precision access controls, and more: https://lnkd.in/d6_-EKY4
Streamlining identity management: Oracle Identity Manager Connector for SAP Ariba
blogs.oracle.com