Posts From the monthly archives: "March 2017"
Xiting SAP Security Blog

Everybody who knows the old SAP Identity Management Web DynPro user interface knows how unattractive it is. Therefore, some of our customers requested a nicer, modern and user-friendlier UI. As a result, we had to develop something new for the market. Our decision fell on SAP Fiori because it works on every device (computer…(Read More)

Xiting SAP Security Blog

Introduction to the blog series When creating a role in PFCG and adding objects to the menu, the authorizations maintenance will automatically merge authorization proposals from transaction SU24 into the role. How accurate and complete these proposals are, depends on maintaining accurate and complete SU24 proposals. Strong maintenance results in robust roles for the end…(Read More)

Governance, Risk and Compliance (GRC)

In this article, I’ll the discuss the differences between direct vs. indirect role assignment in the context of SAP authorizations. Each assignment scenario has its pros and cons, and you can use both independently or in combination to complementary each other. What are direct role assignments? Authorization roles (and profiles) are directly assigned to…(Read More)

Xiting Press Release

XITING Announces a New Release of the Xiting Authorizations Management Suite (XAMS), Its Flagship Automation and Security Solution for SAP Systems. Xiting Authorizations Management Suite (XAMS) dramatically simplifies role design, maintenance, testing as well as vulnerability scanning of custom ABAP code and the creation & validation of SAP security concepts.  Tampa, FL, March 17, 2017…(Read More)

Xiting Authorizations Management Suite (XAMS)

Many SAP customers develop applications by writing custom ABAP code. That’s a risk if you don’t have proper ABAP code scanning procedures in place. In this article, I will explain how to analyze and mitigate the risk in custom code using the Xiting ABAP Alchemist. Business processes are constantly evolving, and businesses must…(Read More)

Xiting Events

Xiting is excited to announce the second SAP Security Brunch in Atlanta, hosted together with our partner EPI-USE. The event is an excellent opportunity to learn, eat and network in a casual environment while learning about the latest trends in SAP security, including customer success stories, and lessons learned. Topics SAP Hacking Attend this…(Read More)

Xiting Case Study

AUDI AG used the Xiting Authorizations Management Suite (XAMS) to verify the authorizations of more than 500 RFC interfaces within a complex SAP system landscape, thereby closing any potential security holes without disrupting operations. Project in a nutshell Audi is a German automobile manufacturer located in Ingolstadt, Germany, has 85’000 employees, with total sales…(Read More)

Xiting Authorizations Management Suite (XAMS)

Testing new roles without providing extra resources and without interrupting the daily business? Yes! That´s possible with the productive test simulation (pTs) and its ability to simplify testing of new roles. We all know what steps are required after building new roles. The newly created roles need to be tested thoroughly from a technical…(Read More)

Xiting Authorizations Management Suite (XAMS)

The ABAP Alchemist is a dedicated module within the Xiting Authorizations Management Suite (XAMS) that can help you optimize custom ABAP code and make recommendations for missing authorization checks. In the development of custom programs, there is a fundamental challenge to meet different requirements. These include security, stability, extendability, and ease of use. An important…(Read More)