Posts From the monthly archives: "March 2017"

Everybody who knows the old SAP Identity Management Web DynPro user interface knows how unattractive it is. Therefore, some of our customers requested a nicer, modern and user-friendlier UI. As a result, we had to develop something new for the market. Our decision fell on SAP Fiori because it works on every device (computer…(Read More)

SU24 Tips and Tricks

Introduction to the blog series When creating a role in PFCG and adding objects to the menu, the authorizations maintenance will automatically merge authorization proposals from transaction SU24 into the role. How accurate and complete these proposals are, depends on maintaining accurate and complete SU24 proposals. Strong maintenance results in robust roles for the end…(Read More)

In this article, I’ll the discuss the differences between direct vs. indirect role assignment in the context of SAP authorizations. Each assignment scenario has its pros and cons, and you can use both independently or in combination to complementary each other. What are direct role assignments? Authorization roles (and profiles) are directly assigned to…(Read More)

XITING Announces a New Release of the Xiting Authorizations Management Suite (XAMS), Its Flagship Automation and Security Solution for SAP Systems. Xiting Authorizations Management Suite (XAMS) dramatically simplifies role design, maintenance, testing as well as vulnerability scanning of custom ABAP code and the creation & validation of SAP security concepts.  Tampa, FL, March 17, 2017…(Read More)

Many SAP customers develop applications by writing custom ABAP code. That’s a risk if you don’t have proper ABAP code scanning procedures in place. In this article, I will explain how to analyze and mitigate the risk in custom code using the Xiting ABAP Alchemist. Business processes are constantly evolving, and businesses must…(Read More)

SAP Security Brunch in Atlanta

EPI-USE America and Xiting invite you to join them for the first SAP Security Brunch. Hear directly from Juliet Henry, Michael Kummer, and Marius Smit as they share customer success stories, latest security trends, and lessons learned. Date: Friday, April 14th, 2017 Location: Savor Restaurant at the Westin Atlanta Perimeter North, 7 Concourse Pkwy…(Read More)

AUDI AG used the Xiting Authorizations Management Suite (XAMS) to verify the authorizations of more than 500 RFC interfaces within a complex SAP system landscape, thereby closing any potential security holes without disrupting operations. Project in a nutshell Audi is a German automobile manufacturer located in Ingolstadt, Germany, has 85’000 employees, with total sales…(Read More)

Testing new roles without providing extra resources and without interrupting the daily business? Yes! That´s possible with the productive test simulation (pTs) and its ability to simplify testing of new roles. We all know what steps are required after building new roles. The newly created roles need to be tested thoroughly from a technical…(Read More)

The ABAP Alchemist is a dedicated module within the Xiting Authorizations Management Suite (XAMS) that can help you optimize custom ABAP code and make recommendations for missing authorization checks. In the development of custom programs, there is a fundamental challenge to meet different requirements. These include security, stability, extendability, and ease of use. An important…(Read More)

Subscribe to our SAP Security Newsletter

Stay up to date with the latest SAP security news and receive valuable tips and tricks by subscribing to our newsletter.