SAP RFC Security

Posted by Andrea Mazzolani on Dec 2, 2022 8:15:00 AM

RFC means Remote Function Call and it's the SAP standard interface that make the systems communicate between eachother.


Failing to configure this aspect can expose the system to a series of security problems. There are multiple aspects to keep in mind. In this article we will talk about how to protect the system from RFC calls made from third party systems or from other SAP systems.

Read More

Topics: rfc, rfc security, UCON

SAP Data Loss Prevention, what to do?

Posted by Andrea Mazzolani on Nov 11, 2022 8:15:00 AM

What does Data Loss Prevention mean?


It means to "put in place" all the possible actions to prevent non-authorized data leaks.


Data leak and data loss have multiple meanings. But what can you do in SAP?

Fuga di dati e perdita di dati hanno significati molteplici. Ma come è possibile fare in SAP?

Read More

Topics: sap hana, rfc security, SAP audit, soar, sap siem, sap etd, SAP DLP, data loss prevention

System Users with SAP_ALL assigned, no thanks!

Posted by Fabio Mambretti on Jun 24, 2022 8:15:00 AM

This one's a bad habit. Most common causes are:


  • Project necessities not better detailed
  • Scarse sensibility towards data security
  • Scarse knowledge of potential problems of this action


Why should you remove these users, even non-interactive ones, ASAP? Let's see some examples!

Read More

Topics: sap_all, auditing, rfc, rfc security, rfc destination, system users

Yes Subscribe!

Blog Aglea, what you could find out?

Every Friday a new post, interview or content related to SAP Security.

  • Tips on how to design SAP Security
  • How to
  • Checklist
  • Common error and pitfall on security SAP
  • Interview with experts
  • Who we are and Aglea vision on SAP Security

Recent Posts

Post By Topic

See all