Friday, 26 December 2014

More critical vulnerabilities in SAP systems


More critical vulnerabilities in SAP systems
7% more Security Notes with respect to 2013, 46% of them critically + SAP HANA, mobile platforms and SAP users targets of attacks in 2015 + SAP security can no longer be hidden for longer - this is the conclusion of the SAP Security Advisories 2014 to 2015 the Onapsis published.

The expert team of Onapsis Research Labs warns in his new Trend Report for SAP security against the growing threat of SAP systems by threats such as Heartbleed, Shellshock, Poodle and Zombie Zero. The analysis shows that 2014 has increased over the previous year, the number of vulnerabilities and exploits that threaten the security of SAP systems. Elaborate threats that target SAP systems with business-critical applications take, even disproportionately strong. A special focus on SAP HANA, mobile threats and directed to such attacks should be for 2015, which have the SAP user directly in his sights.

This year there were 391 SAP Security Notes, of which 46 percent describe vulnerabilities with high priority. The Onapsis Research Labs report that 44 of these weaknesses, and 35 advisories SAP platform and related products concern, which form the basis for CRM and ERP systems such as SAP HANA, Business Objects and SAP Business Suite.

Organizations using SAP Business Objects to track and analyze business performance and reporting. SAP BASIS, however, is limited to the administrative functions and processes within an SAP system, for example, the database, the supporting architecture and user interface.

Complex attacks, which offset the non-SAP security unrest related and affect SAP platforms. Thus, the most critical threats Heartbleed (CVE-2014-0160), Shellshock (CVE-2014-6271) Poodle (CVE-2014-3566) and malware like Zombie Zero. The increase in the area of complex attacks continued in 2014 continued. This includes also the frequent appearance of malware that is precisely aligned to SAP systems - can spy about the Win32 / Gamker Trojan that SAPGUI client

Data must be protected in the cloud and on terminals

"The security industry has never been as complex as today. Starting next year, more and more companies are revising their strategies and begin or continue their processes to migrate to the cloud," said Ezequiel Gutesman, Director of Research at Onapsis Research Labs. 2015 exploit vulnerabilities in key platforms such as SAP HANA undoubtedly hackers. SAP HANA is a central element of the SAP ecosystem. Therefore, the data stored in the SAP platform data must be protected both in the cloud and on the access devices of end users. Risk factors such as stored credentials and cached content therefore require special attention. Given the evolution of the threat in the industry, we offer all SAP users regularly Safety and recommend steps to protect their most critical business data in the coming year."

Friday, 12 December 2014

SAP Transportation Management: Savings of up to 12 percent are possible

  • The new cloud version of SAP TM 9.2 provides transportation services and logistics company needs numerous advantages over competitors
  • These include high scalability, reducing the cost and time involved concentrating on the core competencies and guaranteed use of state-of-the-art technology
  • Partnership between SAP, Camelot ITLab and Global Supply Chain Solutions (SCS-G) aims at the establishment of the new cloud solution from SAP Transportation Management Software (TM) from

SAP Transportation Management: Savings of up to 12 percent are possible
The German logistics industry still has considerable potential savings alone through the use of the new SAP Transportation Management Software (TM) as a SaaS (Software as a Service) transport service providers and companies save with logistics needs up to 12 percent of their costs. SAP (, Camelot ITLab ( and Global Supply Chain Solutions as part of their partnership SAP TM as a cloud solution on the market offer, see the main benefits in a significant reduction of the cost and time involved. Focusing on the core competencies allows customers additional efficiency gains.

  According to G-SCS-Steffen Rabus can "all SAP customers 9.2 design their transportation management much more efficiently using the new cloud solution from SAP TM. The SaaS approach SAP TM is much more flexible, a decisive advantage over the competition. "As always, customers pay only for the scalability of the scope of services that they really need. The time involved in installing and configuring software is considerably less. In addition, the customer through the SaaS solution is always on the cutting edge of technology from SAP TM. The acquisition of licenses, as well as providing an expensive infrastructure omitted. In a monthly service fee and a coordinated package of services all costs are included.

Work to establish the new cloud solution from SAP TM software maker SAP, the IT consulting firm Camelot ITLab and transport logistics specialist Global Supply Chain Solutions (SCS-G) are closely related. The aim is loud Rabus, to gain nationally and internationally significant market share in transport management for the new cloud solution. "With version 9.2 SAP TM currently has a very powerful solution that is based on the cloud and HANA database platform," says the G-SCS-manager. As a longtime partner in the TM implementation Camelot ITLab takes on the task of transforming customer-specific business processes in SAP TM processes and to implement the solution in a new or existing SAP environment within the partnership. G-SCS is a 4PL specialist for operations, i.e. for transport management and freight auditing the customers responsibility.

Global Supply Chain Solutions is a leading provider of Freight Bill Audit and Supply Chain Visibility services. Since the beginning of 2013 G-SCS has been one of the largest 4PL (Fourth Party Logistics) services and software portfolio to the market. The service offering that is coordinated through the G-SCS Integrated Control Tower, including transport management, contract management, and supply chain includes analyzes. Through the use of custom-made, modular G-SCS-solutions, customers can reduce their logistics costs continuously and sustainably.