Security Think beyond! Patrick Hildenbrand, SAP HANA Platform Extensions June 17, 2014
|
|
- Rachel Weaver
- 8 years ago
- Views:
Transcription
1 Security Think beyond! Patrick Hildenbrand, SAP HANA Platform Extensions June 17, 2014
2 Disclaimer This presentation outlines our general product direction and should not be relied on in making a purchase decision. This presentation is not subject to your license agreement or any other agreement with SAP. SAP has no obligation to pursue any course of business outlined in this presentation or to develop or release any functionality mentioned in this presentation. This presentation and SAP's strategy and possible future developments are subject to change and may be changed by SAP at any time for any reason without notice. This document is provided without a warranty of any kind, either express or implied, including but not limited to, the implied warranties of merchantability, fitness for a particular purpose, or non-infringement. SAP assumes no responsibility for errors or omissions in this document, except if such damages were caused by SAP intentionally or grossly negligent SAP (Schweiz) AG. All rights reserved. 2
3 Security What is the problem realm? SAP GRC Security Management SAP NetWeaver Identity Management SAP NetWeaver Single Sign-On SSL/TLS Mobile Security SAP ID Service SNC SCIM HANA SIEM Kerberos Cloud Security Data Privacy Security, Logging, Monitoring Read Access Logging Social identities LDAP Open ID Connect Digital Signature/e-Signature Web Services Security IT Security Lower cost Budget restrictions Raise Efficiency Enterprise Thread Detection Security Optimization Self Service Vulnerability Analysis and Testing Secure Programming Secure Software Development Lifecycle Security Services Secure by Default Confidentiality Authorization Non-repudiation Integrity Authentication 2014 SAP (Schweiz) AG. All rights reserved. 3
4 Source Code The Source of the Risk
5 Business Applications do have a History Today's business applications are often Grown over the years Complex Built on changing requirements Created based on different development paradigms Optimized for Performance Extended but not reinvented And often security was only an afterthought SAP (Schweiz) AG. All rights reserved. 5
6 Application Security Testing Find vulnerabilities in the running application Manual Application Penetration Testing Automated Application Vulnerability Scanning Find vulnerabilities analyzing the sources Manual Source Code Review Automated Source Code Analysis DAST SAST SAP NetWeaver Application Server add-on for code vulnerability analysis Finding security issues at design time is easier and less expensive! 2014 SAP (Schweiz) AG. All rights reserved. 6
7 SAP NetWeaver AS, add-on for code vulnerability analysis Key trends and customer needs The more applications using the ABAP programming language are exposed via interconnected systems and mobile and cloud-based applications, the more vulnerable they are to attacks. Proactively preventing security breaches by static source code analysis is a standard precaution for many application development environments and languages. It helps to save costs by discovering issues early in the development cycle and helps to estimate the risk of an application. The tools used to evaluate the code however need to be deeply integrated into the developers toolset, easy consumable showing a high usability to foster acceptance by the development teams SAP (Schweiz) AG. All rights reserved. 7
8 Does application security pay? In a 2013 study by Kaspersky Labs, 85% of the companies interviewed have reported internal IT security incidents, and software vulnerabilities were the single biggest cause. Source: In a 2013 security workforce study from (ISC)², Application vulnerabilities were ranked highest in security concern by 69% of the respondents. Source: In a 2010 white paper from independent consulting firm Mainstay, reports software security programs not only enhance security, they can generate as much as $37M annually in economic benefits. Source: SAP (Schweiz) AG. All rights reserved. 8
9 SAP NetWeaver AS, add-on for code vulnerability analysis Product description In order to break an application, only one flaw in any of its components/functions or the infrastructure may be enough. SAP NetWeaver AS, add-on for code vulnerability analysis helps you to identify potential weaknesses in your application early in the development process to avoid this risk. Scan efficiently Reduced false-positive rate by dataflow analysis Scanning directly from within the ABAP development environment Developer guidance Detailed help and explanations to all errors Assistance to find the right location for the fix Approval workflows for false positives included Integration Integrated into standard ABAP check frameworks, SAP transport system and ABAP Test Cockpit (ATC) 2014 SAP (Schweiz) AG. All rights reserved. 9
10 SAP NetWeaver AS, add-on for code vulnerability analysis Checks Broad range of predefined checks SQL injection Code injection OS command injection Directory traversal Backdoors Prioritization of checks By the ability to control the priority of every single check, you are able to take into account your own risk and security requirements SAP (Schweiz) AG. All rights reserved. 12
11 Summary
12 Summary: Code Vulnerability Analyzer Developed by the team creating the ABAP language Tightly integrated into standard testing infrastructure Already tested and in use by SAP internally for several years Successfully piloted by customers SAP SAP NetWeaver AS, add-on for code vulnerability analysis is available as of: SAP NetWeaver AS ABAP 7.0 EhP2 Support Package 14 SAP NetWeaver AS ABAP 7.0 EhP3 Support Package 09 SAP NetWeaver AS ABAP 7.3 EhP1 Support Package 09 SAP NetWeaver AS ABAP 7.4 Support Package 05 and later releases 2014 SAP (Schweiz) AG. All rights reserved. 14
13 SAP NetWeaver AS, add-on for code vulnerability analysis Produktplanung im Überblick Integration and flexibility Integration into development landscape Flexible checks Low false positive ratio Checks & Reporting Reporting capabilities with SAP Solution Manager 7.1 SP12 Support for new ABAP 7.40 language features New Checks Detection of Cross Site Scripting in BSP pages Detection of direct access to sensitive database tables Usability Context based documentation Direct navigation to dataflow Flexibility & Performance Customer defined sanitizations Public API to access scan results in ATC Optimizations in dataflow engine Reporting Improved reporting functions based on solution manager integration Ability to define a security baseline Checks Broad range of checks Prioritization of checks Today (Release 7.40 SP05) Configuration Improved administration Planned Innovations Landscape Tighter integration of old systems into check infrastructure Future Direction This is the current state of planning and may be changed by SAP at any time 2014 SAP (Schweiz) AG. All rights reserved. 15
14 Further Information SAP NetWeaver Application Server, add-on for code vulnerability analysis Roadmap presentation: ABAP Test and Analysis Tools ABAP Test Cockpit (ATC) SAP Community SAP (Schweiz) AG. All rights reserved. 16
15 SAP NetWeaver AS, add-on for code vulnerability analysis Key Takeaways Software development more efficient than ever by proactive code security checks Well accepted by developers because of tight integration into standard development environment Integrated into standard code quality checks by using existing frameworks Extends your standard checks 2014 SAP (Schweiz) AG. All rights reserved. 17
16 Thank you Contact information: Patrick Hildenbrand Product Manager SAP AG, Walldorf 2014 SAP (Schweiz) AG. All rights reserved.
SAP NetWeaver Application Server Add-On for Code Vulnerability Analysis. Patrick Hildenbrand, Product Management Security, SAP AG September 2014
SAP NetWeaver Application Server Add-On for Code Vulnerability Analysis Patrick Hildenbrand, Product Management Security, SAP AG September 2014 Disclaimer This presentation outlines our general product
More informationSAP NetWeaver Application Server Add-On for Code Vulnerability Analysis
SAP NetWeaver Application Server Add-On for Code Vulnerability Analysis Disclaimer This presentation outlines our general product direction and should not be relied on in making a purchase decision. This
More informationHow To Manage Work Mode On An It Calendar On An Apa System
SAP Solution Manager 7.1 Technical Administration Work Center Setup Q2, 2011 Disclaimer This presentation outlines our general product direction and should not be relied on in making a purchase decision.
More informationCompliance & SAP Security. Secure SAP applications based on state-of-the-art user & system concepts. Driving value with IT
Compliance & SAP Security Secure SAP applications based on state-of-the-art user & system concepts Driving value with IT BO Access Control Authorization Workflow Central User Management Encryption Data
More informationSAP Change Control - One Integrated Process to Manage Software Solution Deployments SAP AG
SAP Change Control - One Integrated Process to Manage Software Solution Deployments SAP AG Disclaimer This presentation outlines our general product direction and should not be relied on in making a purchase
More informationHow To Make Your Software More Secure
SAP Security Concepts and Implementation Source Code Scan Tools Used at SAP Detecting and Eliminating Security Flaws Early On Table of Contents 4 SAP Makes Code Scan Tools for ABAP Programming Language
More informationEnd User Training and Documentation a capability of Solution Implementation. August 2011
End User Training and Documentation a capability of Solution Implementation August 2011 Disclaimer This presentation outlines our general product direction and should not be relied on in making a purchase
More informationSAP Mobile Documents. December, 2015
SAP Mobile Documents December, 2015 Disclaimer This presentation outlines our general product direction and should not be relied on in making a purchase decision. This presentation is not subject to your
More informationSAP Audit Management A Preview
SAP Audit Management A Preview SAP AG November 2013 Customer 1 Agenda Business Challenges The Idea The Solution Roadmap Demo 2013 SAP AG. All rights reserved. Customer 2 Disclaimer The information in this
More informationProtect Your Connected Business Systems by Identifying and Analyzing Threats
SAP Brief SAP Technology SAP Enterprise Threat Detection Objectives Protect Your Connected Business Systems by Identifying and Analyzing Threats Prevent security breaches Prevent security breaches Are
More informationSAP Secure Operations Map. SAP Active Global Support Security Services May 2015
SAP Secure Operations Map SAP Active Global Support Security Services May 2015 SAP Secure Operations Map Security Compliance Security Governance Audit Cloud Security Emergency Concept Secure Operation
More informationFINAL DoIT 11.03.2015 - v.4 PAYMENT CARD INDUSTRY DATA SECURITY STANDARDS APPLICATION DEVELOPMENT AND MAINTENANCE PROCEDURES
Purpose: The Department of Information Technology (DoIT) is committed to developing secure applications. DoIT s System Development Methodology (SDM) and Application Development requirements ensure that
More informationSEC100 Secure Authentication and Data Transfer with SAP Single Sign-On. Public
SEC100 Secure Authentication and Data Transfer with SAP Single Sign-On Public Speakers Las Vegas, Oct 19-23 Christian Cohrs, Area Product Owner Barcelona, Nov 10-12 Regine Schimmer, Product Management
More informationDie Technologieplattform der Zukunft. Arne Speck Solution Expert, Mobility & Technology, SAP (Schweiz) AG
Die Technologieplattform der Zukunft Arne Speck Solution Expert, Mobility & Technology, SAP (Schweiz) AG Disclaimer This presentation outlines our general product direction and should not be relied on
More informationData Management for SAP Business Suite and SAP S/4HANA. Robert Wassermann, SAP SE
Data Management for SAP Business Suite and SAP S/4HANA Robert Wassermann, SAP SE Disclaimer This presentation outlines our general product direction and should not be relied on in making a purchase decision.
More informationSAP HANA SPS 09 - What s New? SAP HANA Application Lifecycle Management
SAP HANA SPS 09 - What s New? SAP HANA Application Lifecycle Management (Delta from SPS 08 to SPS 09) SAP HANA Product Management November, 2014 2014 SAP AG or an SAP affiliate company. All rights reserved.
More informationITM204 Post-Copy Automation for SAP NetWeaver Business Warehouse System Landscapes. October 2013
ITM204 Post-Copy Automation for SAP NetWeaver Business Warehouse System Landscapes October 2013 Disclaimer This presentation outlines our general product direction and should not be relied on in making
More informationABAP Custom Code Security
ABAP Custom Code Security A collaboration of: SAP Global IT & SAP Product Management for Security, IDM & SSO November, 2012 Public SAP Global IT - ABAP custom code security 1. Introduction / Motivation
More informationGlyder Mobile Doc s(for commercial business & healthcare) May, 2014
Glyder Mobile Doc s(for commercial business & healthcare) May, 2014 Disclaimer This presentation outlines our general product direction and should not be relied on in making a purchase decision. This presentation
More informationSAP NetWeaver Information Lifecycle Management
SAP NetWeaver Information Lifecycle Management What s New in Release 7.03 and Future Direction June 2012 SAP NetWeaver Information Lifecycle Management Information lifecycle management Retention management
More informationSAP Business One mobile app for Android Version 1.0.x November 2013
SAP Business One mobile app for Android Version 1.0.x November 2013 Legal disclaimer The information in this presentation is confidential and proprietary to SAP and may not be disclosed without the permission
More informationALM 271 From End-User Experience Monitoring to Management Dashboards and Reporting Stefan Lahr, SAP Active Global Support September, 2011
ALM 271 From End-User Experience Monitoring to Management Dashboards and Reporting Stefan Lahr, SAP Active Global Support September, 2011 Disclaimer This presentation outlines our general product direction
More informationIMPROVING VULNERABILITY MANAGEMENT EFFECTIVENESS WITH APPLICATION SECURITY MONITORING
IMPROVING VULNERABILITY MANAGEMENT EFFECTIVENESS WITH APPLICATION SECURITY How runtime application security monitoring helps enterprises make smarter decisions on remediation 2 ABSTRACT Enterprises today
More informationAndreas Wiegenstein Dr. Markus Schumacher
Andreas Wiegenstein Dr. Markus Schumacher PPT SAP Masterfolie GUI Hacking (V1.0) zur Troopers Erstellung Conference von 2011, Heidelberg Präsentationen Who am I Andreas PPT Masterfolie Wiegenstein CTO
More informationA Strategic Approach to Web Application Security The importance of a secure software development lifecycle
A Strategic Approach to Web Application Security The importance of a secure software development lifecycle Rachna Goel Technical Lead Enterprise Technology Web application security is clearly the new frontier
More informationSAP IT Infrastructure Management
SAP IT Infrastructure Management Legal Disclaimer This presentation is not subject to your license agreement or any other agreement with SAP. SAP has no obligation to pursue any course of business outlined
More informationMembers of the UK cyber security forum. Soteria Health Check. A Cyber Security Health Check for SAP systems
Soteria Health Check A Cyber Security Health Check for SAP systems Soteria Cyber Security are staffed by SAP certified consultants. We are CISSP qualified, and members of the UK Cyber Security Forum. Security
More informationKASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com
KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global
More informationMobile app for Android Version 1.0.x, January 2014
Mobile app for Android Version 1.0.x, January 2014 Legal disclaimer The information in this presentation is confidential and proprietary to SAP and may not be disclosed without the permission of SAP. This
More informationSAP Project Portfolio Monitoring Rapid- Deployment Solution: Software Requirements
SAP Portfolio and Project Management 5.0 July 2013 English SAP Project Portfolio Monitoring Rapid- Deployment Solution: SAP AG Dietmar-Hopp-Allee 16 69190 Walldorf Germany Copyright 2013 SAP AG or an SAP
More informationSERENA SOFTWARE Serena Service Manager Security
SERENA SOFTWARE Serena Service Manager Security 2014-09-08 Table of Contents Who Should Read This Paper?... 3 Overview... 3 Security Aspects... 3 Reference... 6 2 Serena Software Operational Security (On-Demand
More informationPCI-DSS and Application Security Achieving PCI DSS Compliance with Seeker
PCI-DSS and Application Security Achieving PCI DSS Compliance with Seeker www.quotium.com 1/14 Summary Abstract 3 PCI DSS Statistics 4 PCI DSS Application Security 5 How Seeker Helps You Achieve PCI DSS
More informationSoftware Requirements
EHP6 for SAP ERP 6.0 October 2014 English SAP Commercial Project Management rapiddeployment solution SAP AG Dietmar-Hopp-Allee 16 69190 Walldorf Germany Copyright 2014 SAP SE or an SAP affiliate company.
More informationAuditing the Security of an SAP HANA Implementation
Produced by Wellesley Information Services, LLC, publisher of SAPinsider. 2015 Wellesley Information Services. All rights reserved. Auditing the Security of an SAP HANA Implementation Juan Perez-Etchegoyen
More informationReference Architecture: Enterprise Security For The Cloud
Reference Architecture: Enterprise Security For The Cloud A Rackspace Whitepaper Reference Architecture: Enterprise Security for the Cloud Cover Table of Contents 1. Introduction 2 2. Network and application
More informationUnderstanding Security and Rights in SAP BusinessObjects Business Intelligence 4.1
Understanding Security and Rights in SAP BusinessObjects Business Intelligence 4.1 Session Code*: 0313 Greg Wcislo Disclaimer This presentation outlines our general product direction and should not be
More informationSAP Automated Testing Excellence Using HP Quality Center Test Tools. Linda Lehman, SAP Kjell Lillemoen, HP
SAP Automated Testing Excellence Using HP Quality Center Test Tools Linda Lehman, SAP Kjell Lillemoen, HP Content SAP End-2-End Test Management What s new in Solution Manager 7.1 Business Process Change
More informationSAP BusinessObjects Business Intelligence 4 Innovation and Implementation
SAP BusinessObjects Business Intelligence 4 Innovation and Implementation TABLE OF CONTENTS 1- INTRODUCTION... 4 2- LOGON DETAILS... 5 3- STARTING AND STOPPING THE APPLIANCE... 6 4.1 Remote Desktop Connection
More informationCORE Security and the Payment Card Industry Data Security Standard (PCI DSS)
CORE Security and the Payment Card Industry Data Security Standard (PCI DSS) Addressing the PCI DSS with Predictive Security Intelligence Solutions from CORE Security CORE Security +1 617.399-6980 info@coresecurity.com
More informationColumbia University Web Security Standards and Practices. Objective and Scope
Columbia University Web Security Standards and Practices Objective and Scope Effective Date: January 2011 This Web Security Standards and Practices document establishes a baseline of security related requirements
More informationSAP HANA Backup and Recovery (Overview, SPS08)
SAP HANA Backup and Recovery (Overview, SPS08) Andrea Kristen, SAP HANA Product Management October 2014 Disclaimer This presentation outlines our general product direction and should not be relied on in
More informationSAP BW 7.4 Real-Time Replication using Operational Data Provisioning (ODP)
SAP BW 7.4 Real-Time Replication using Operational Data Provisioning (ODP) Dr. Astrid Tschense-Österle, AGS SLO Product Management Marc Hartz, Senior Specialist SCE Rainer Uhle, BW Product Management May
More informationWeb application security: automated scanning versus manual penetration testing.
Web application security White paper January 2008 Web application security: automated scanning versus manual penetration testing. Danny Allan, strategic research analyst, IBM Software Group Page 2 Contents
More informationSix Essential Elements of Web Application Security. Cost Effective Strategies for Defending Your Business
6 Six Essential Elements of Web Application Security Cost Effective Strategies for Defending Your Business An Introduction to Defending Your Business Against Today s Most Common Cyber Attacks When web
More informationSAST, DAST and Vulnerability Assessments, 1+1+1 = 4
SAST, DAST and Vulnerability Assessments, 1+1+1 = 4 Gordon MacKay Digital Defense, Inc. Chris Wysopal Veracode Session ID: Session Classification: ASEC-W25 Intermediate AGENDA Risk Management Challenges
More informationETHICAL HACKING 010101010101APPLICATIO 00100101010WIRELESS110 00NETWORK1100011000 101001010101011APPLICATION0 1100011010MOBILE0001010 10101MOBILE0001
001011 1100010110 0010110001 010110001 0110001011000 011000101100 010101010101APPLICATIO 0 010WIRELESS110001 10100MOBILE00010100111010 0010NETW110001100001 10101APPLICATION00010 00100101010WIRELESS110
More information1 Introduction... 2 2 Product Description... 3 3 Strengths and Challenges... 5 4 Copyright... 5
KuppingerCole Report EXECUTIVE VIEW by Alexei Balaganski May 2015 is a business-critical application security solution for SAP environments. It provides a context-aware, secure and cloud-ready platform
More informationMigration and Upgrade Paths to SAP Process Orchestration. Udo Paltzer Product Owner SAP Process Integration, SAP HANA Cloud Integration
Migration and Upgrade Paths to SAP Process Orchestration Udo Paltzer Product Owner SAP Process Integration, SAP HANA Cloud Integration Disclaimer This presentation outlines our general product direction
More informationSAP Cloud Identity Service
SAP Cloud Identity Service Secure Authentication, Single Sign-On and User Management in the Cloud December 2015 Introduction SAP Cloud Identity Service In the SAP IT application security product portfolio
More informationSAP Technology Overview and Strategy
SAP Technology Overview and Strategy Helmut Grimm, Sr. Director Global Business Development, SAP AG Arne Speck, Solution Principal Technology, SAP Switzerland Disclaimer This presentation outlines our
More informationEO Data by using SAP HANA Spatial Hinnerk Gildhoff, Head of HANA Spatial, SAP Satellite Masters Conference 21 th October 2015 Public
Leveraging Geospatial Technologies EO Data by using SAP HANA Spatial Hinnerk Gildhoff, Head of HANA Spatial, SAP Satellite Masters Conference 21 th October 2015 Public Disclaimer This presentation outlines
More informationSAP HANA Cloud Platform for the Internet of Things
SAP HANA Cloud Platform for the Internet of Things Dr. Uwe Kubach, Vice President HCP Internet of Things, P&I Technology, SAP SE Public Disclaimer This presentation outlines our general product direction
More informationSAP BusinessObjects BI Content Lifecycle Management Best Practices
SAP BusinessObjects BI Content Lifecycle Management Disclaimer This presentation outlines our general product direction and should not be relied on in making a purchase decision. This presentation is not
More informationHigh Availability & Disaster Recovery. Sivagopal Modadugula/SAP HANA Product Management Session # 0506 May 09, 2014
High Availability & Disaster Recovery Sivagopal Modadugula/SAP HANA Product Management Session # 0506 May 09, 2014 Legal Disclaimer The information in this document is confidential and proprietary to SAP
More informationVulnerability Management
Vulnerability Management Buyer s Guide Buyer s Guide 01 Introduction 02 Key Components 03 Other Considerations About Rapid7 01 INTRODUCTION Exploiting weaknesses in browsers, operating systems and other
More informationDell One Identity Cloud Access Manager 8.0.1 - How to Configure for SSO to SAP NetWeaver using SAML 2.0
Dell One Identity Cloud Access Manager 8.0.1 - How to Configure for SSO to SAP NetWeaver using SAML 2.0 May 2015 About this guide Prerequisites and requirements NetWeaver configuration Legal notices About
More informationA7 / SAP Financial Services Forum 2014 / September 9-10, 2014 / London / UK Cloud Strategy for Banking Run Simple with SAP
A7 / SAP Financial Services Forum 2014 / September 9-10, 2014 / London / UK Cloud Strategy for Banking Run Simple with SAP Jens-Peter Jensen (SAP SE) Public Use this title slide only with an image Disclaimer
More informationComplete Web Application Security. Phase1-Building Web Application Security into Your Development Process
Complete Web Application Security Phase1-Building Web Application Security into Your Development Process Table of Contents Introduction 3 Thinking of security as a process 4 The Development Life Cycle
More informationSAP Security Recommendations December 2011. Secure Software Development at SAP Embedding Security in the Product Innovation Lifecycle Version 1.
SAP Security Recommendations December 2011 Secure Software Development at SAP Embedding Security in the Product Innovation Lifecycle Version 1.0 Secure Software Development at SAP Table of Contents 4
More informationSAP NetWeaver Business Client 5.0 Overview. Product Management P&I Technology Core Platform
SAP NetWeaver Business Client 5.0 Overview Product Management P&I Technology Core Platform Legal disclaimer This presentation is not subject to your license agreement or any other agreement with SAP. SAP
More informationlocuz.com Professional Services Security Audit Services
locuz.com Professional Services Security Audit Services Today s Security Landscape Today, over 80% of attacks against a company s network come at the Application Layer not the Network or System layer.
More informationOperating System Security Hardening for SAP HANA
Operating System Security Hardening for SAP HANA Peter Schinagl Technical Architect Global SAP Alliance peters@suse.com Markus Gürtler Architect & Technical Manager SAP Linux Lab mguertler@suse.com Corporate
More informationDIVISION OF INFORMATION SECURITY (DIS)
DIVISION OF INFORMATION SECURITY (DIS) Information Security Policy Information Systems Acquisitions, Development, and Maintenance v1.0 October 15, 2013 Revision History Update this table every time a new
More informationSecurity Testing. Vulnerability Assessment vs Penetration Testing. Gabriel Mihai Tanase, Director KPMG Romania. 29 October 2014
Security Testing Vulnerability Assessment vs Penetration Testing Gabriel Mihai Tanase, Director KPMG Romania 29 October 2014 Agenda What is? Vulnerability Assessment Penetration Testing Acting as Conclusion
More informationSAP Business One mobile app for ios. Version 1.9.x September 2013
SAP Business One mobile app for ios Version 1.9.x September 2013 Legal disclaimer The information in this presentation is confidential and proprietary to SAP and may not be disclosed without the permission
More informationSAP Single Sign-On 2.0 Overview Presentation
SAP Single Sign-On 2.0 Overview Presentation March 2016 Public Agenda SAP security portfolio Overview SAP Single Sign-On Single sign-on main scenarios Capabilities Summary 2016 SAP SE or an SAP affiliate
More informationAutomating Security Testing. Mark Fallon Senior Release Manager Oracle
Automating Security Testing Mark Fallon Senior Release Manager Oracle Some Ground Rules There are no silver bullets You can not test security into a product Testing however, can help discover a large percentage
More informationCloud Single Sign-On and On-Premise Identity Federation with SAP NetWeaver Cloud White Paper
Cloud Single Sign-On and On-Premise Identity Federation with SAP NetWeaver Cloud White Paper TABLE OF CONTENTS INTRODUCTION... 3 Where we came from... 3 The User s Dilemma with the Cloud... 4 The Administrator
More informationAN OVERVIEW OF VULNERABILITY SCANNERS
AN OVERVIEW OF VULNERABILITY SCANNERS February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole
More informationAdobe Systems Incorporated
Adobe Connect 9.2 Page 1 of 8 Adobe Systems Incorporated Adobe Connect 9.2 Hosted Solution June 20 th 2014 Adobe Connect 9.2 Page 2 of 8 Table of Contents Engagement Overview... 3 About Connect 9.2...
More informationKenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data
Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V2.0, JULY 2015 Multiple Layers of Protection Overview Password Salted-Hash Thank you
More informationCybercrime myths, challenges and how to protect our business. Vladimir Kantchev Managing Partner Service Centrix
Cybercrime myths, challenges and how to protect our business Vladimir Kantchev Managing Partner Service Centrix Agenda Cybercrime today Sources and destinations of the attacks Breach techniques How to
More informationSAP HANA SPS 09 - What s New? Administration & Monitoring
SAP HANA SPS 09 - What s New? Administration & Monitoring (Delta from SPS08 to SPS09) SAP HANA Product Management November, 2014 2014 SAP AG or an SAP affiliate company. All rights reserved. 1 Content
More informationTrustwave MANAGED SECURITY TESTING
Trustwave MANAGED SECURITY TESTING DON T GUESS. TEST. Trustwave Managed Security Testing reveals your vulnerabilities and alerts you to the consequences of exploitation. If you re concerned about cyberattacks
More informationWeb Application Hacking (Penetration Testing) 5-day Hands-On Course
Web Application Hacking (Penetration Testing) 5-day Hands-On Course Web Application Hacking (Penetration Testing) 5-day Hands-On Course Course Description Our web sites are under attack on a daily basis
More informationSAP's Strategy and Roadmap for Cloud for Marketing How Customers Benefit from Adopting Cloud to Empower the Modern Marketer
SAP's Strategy and Roadmap for Cloud for Marketing How Customers Benefit from Adopting Cloud to Empower the Modern Marketer Oliver Conze, Global VP Product Management, SAP June 3, 2014 @oliverconze Legal
More informationWEB SECURITY CONCERNS THAT WEB VULNERABILITY SCANNING CAN IDENTIFY
WEB SECURITY CONCERNS THAT WEB VULNERABILITY SCANNING CAN IDENTIFY www.alliancetechpartners.com WEB SECURITY CONCERNS THAT WEB VULNERABILITY SCANNING CAN IDENTIFY More than 70% of all websites have vulnerabilities
More informationMicrosoft Security Development Lifecycle for IT. Rob Labbé Application Consulting and Engineering Services roblab@microsoft.com
Microsoft Security Development Lifecycle for IT Rob Labbé Application Consulting and Engineering Services roblab@microsoft.com The Reasons for Secure Software There are many threats to data and systems
More informationHow To Ensure That Your Computer System Is Safe
Establishing a Continuous Process for PCI DSS Compliance Visa, MasterCard, American Express, and other payment card companies currently require all U.S. merchants accepting credit card payments to comply
More information2015 Vulnerability Statistics Report
2015 Vulnerability Statistics Report Introduction or bugs in software may enable cyber criminals to exploit both Internet facing and internal systems. Fraud, theft (financial, identity or data) and denial-of-service
More informationProven LANDesk Solutions
LANDesk Solutions Descriptions Proven LANDesk Solutions IT departments face pressure to reduce costs, reduce risk, and increase productivity in the midst of growing IT complexity. More than 4,300 organizations
More informationWHITEPAPER. Nessus Exploit Integration
Nessus Exploit Integration v2 Tenable Network Security has committed to providing context around vulnerabilities, and correlating them to other sources, such as available exploits. We currently pull information
More informationSAP HANA Cloud Applications Partner Program Certification
SAP HANA Cloud Applications Partner Program Certification Technical Product Profile (TPP) and Test Catalogue (TC) for SAP certified SAP HANA Cloud Applications April 9, 2013 Dear SAP HANA Cloud Application
More informationSecuring Your Web Application against security vulnerabilities. Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group
Securing Your Web Application against security vulnerabilities Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group Agenda Security Landscape Vulnerability Analysis Automated Vulnerability
More informationInfluencing Customer Connection Get more value from your SAP investments. Delivery Call Focus Topic NetWeaver MDM
Influencing Customer Connection Get more value from your SAP investments Delivery Call Focus Topic NetWeaver MDM Legal disclaimer The information in this presentation is confidential and proprietary to
More informationSAP HANA SPS 09 - What s New? HANA IM Services: SDI and SDQ
SAP HANA SPS 09 - What s New? HANA IM Services: SDI and SDQ (Delta from SPS 08 to SPS 09) SAP HANA Product Management November, 2014 2014 SAP SE or an SAP affiliate company. All rights reserved. 1 Agenda
More informationFrom Rivals to BFF: WAF & VA Unite OWASP 07.23.2009. The OWASP Foundation http://www.owasp.org
From Rivals to BFF: WAF & VA Unite 07.23.2009 Brian Contos, Chief Security Strategist Imperva Inc. brian.contos@imperva.com +1 (650) 832.6054 Copyright The Foundation Permission is granted to copy, distribute
More informationWeb App Security Audit Services
locuz.com Professional Services Web App Security Audit Services The unsecured world today Today, over 80% of attacks against a company s network come at the Application Layer not the Network or System
More informationAcunetix Web Vulnerability Scanner. Getting Started. By Acunetix Ltd.
Acunetix Web Vulnerability Scanner Getting Started V8 By Acunetix Ltd. 1 Starting a Scan The Scan Wizard allows you to quickly set-up an automated scan of your website. An automated scan provides a comprehensive
More informationAnnex B - Content Management System (CMS) Qualifying Procedure
Page 1 DEPARTMENT OF Version: 1.5 Effective: December 18, 2014 Annex B - Content Management System (CMS) Qualifying Procedure This document is an annex to the Government Web Hosting Service (GWHS) Memorandum
More informationASP.NET MVC Secure Coding 4-Day hands on Course. Course Syllabus
ASP.NET MVC Secure Coding 4-Day hands on Course Course Syllabus Course description ASP.NET MVC Secure Coding 4-Day hands on Course Secure programming is the best defense against hackers. This multilayered
More informationData Integration using Integration Gateway. SAP Mobile Platform 3.0 SP02
Data Integration using Integration Gateway SAP Mobile Platform 3.0 SP02 DOCUMENT ID: DC02000-01-0302-01 LAST REVISED: February 2014 Copyright 2014 by SAP AG or an SAP affiliate company. All rights reserved.
More informationSAP Security Monitoring with agilesi. agilesi tm Solution Brief Product Specification July 2012 Version 1.1
SAP Security Monitoring with agilesi Solution Brief agilesi Rel. 1.1 Product Overview agilesi turns SAP Security Data into Insight, Action and Competitive Advantage. The new agilesi solution is a game-changer
More informationLibrary Systems Security: On Premises & Off Premises
Library Systems Security: On Premises & Off Premises Guoying (Grace) Liu University of Windsor Leddy Library Huoxin (Michael) Zheng Castlebreck Inc. CLA 2015 Annual Conference, Ottawa, June 5, 2015 Information
More informationProcessed on SAP Solution Manager Service Center Release EHP 1 for Solution Manager 7.0 Telephone Service Tool 701_2011_1 SP0 Fax
SERVICE REPORT SAP Security Optimization Self-Service SAP System ID SAP Product Release DB System Customer Processed on SAP Solution Manager Service Center Release EHP 1 for Solution Manager 7.0 Telephone
More information