Posts by: "Alessandro Banzer"

In my earlier blog about Firefighter lifecycles (https://blogs.sap.com/2014/03/03/firefighter-id-lifecycle/), I mentioned the requirement to review Firefighter IDs on a regular basis. Over the last couple of years, this requirement has become an audit finding in most organizations. Firefighter ID management is still a challenge for most organizations…(Read More)

This article describes the differences between Online and Offline Risk Analysis in SAP Access Control (GRC) based on several SAP Notes and our implementation experience. Before you can run offline analysis at all, you have to set the configuration option “Enable Offline Risk Analysis” to YES (Parameter 1027) in the Access Control configuration settings in…(Read More)

In this article, I’ll discuss the differences between direct and indirect role assignment in the context of SAP authorizations. Each assignment scenario has its pros and cons, and you can use both independently or in combination to complement each other. What are direct role assignments? Authorization roles (and profiles) are directly assigned to…(Read More)

Many SAP customers develop applications by writing custom ABAP code. That’s a risk if you don’t have proper ABAP code scanning procedures in place. In this article, I will explain how to analyze and mitigate the risk in custom code using the Xiting ABAP Alchemist. Business processes are constantly evolving, and businesses must…(Read More)

AUDI AG used the Xiting Authorizations Management Suite (XAMS) to verify the authorizations of more than 500 RFC interfaces within a complex SAP system landscape, thereby closing any potential security holes without disrupting operations. Project in a nutshell Audi is a German automobile manufacturer located in Ingolstadt, Germany, has 85’000 employees, with total sales…(Read More)

The ABAP Alchemist is a dedicated module within the Xiting Authorizations Management Suite (XAMS) that can help you optimize custom ABAP code and make recommendations for missing authorization checks. In the development of custom programs, there is a fundamental challenge to meet different requirements. These include security, stability, extendability, and ease of use. An important…(Read More)

Role Redesign at Bosch

Bosch Sicherheitssysteme GmbH was able to completely redesign the authorizations of its SAP system in only six months without disrupting operations. Project in a nutshell Bosch Sicherheitssysteme GmbH is located in Grasbrunn, Germany, has 13’000 employees, with total sales of EUR 1,699bn in 2015. Project targets were a complete redesign of all SAP…(Read More)

Access Risk Analysis is a tool within SAP Access Control that enables you to define user access risk (by way of a rule set) and to identify access risk (or simulate for potential risk). It also provides you with system functionality to remediate the risk or mitigate it via assignment of a mitigating control. This…(Read More)
