SAL will ensure the security of the system only if it is properly configured (SM19/RSAU_CONFIG) AND looked after (SM20/RSAU_READ_LOG), and if access to it is strictly limited and controlled. Both the Basis department and security key users (auditors) have something to say at the configuration.

What are SAP notes? Generalizing, we can say that they are small updates to the software - they contain corrections to the code, include a description of the problem, etc. Their second role is support, which does not contain corrections/updates but documents a specific problem, often in broad terms.

How do you prepare for it with SAST and what benefits does it bring to the organization? Any thought on increasing security in an organization that takes the form of a plan or at least a discussion is worthy of consideration.

SAST's Super User Management module offers a feature that allows users to work without SAP_ALL or other critical authorizations on the production system.

It is estimated that by 2020, about 30% companies globally will start using S4/HANA in production (in 2018, only 2% of all companies were using S4). I will discuss two areas that should be addressed if we are to raise (or maintain a high) level of security of the target system - authorizations and

This article will also refer to passwords, but already more indirectly and in a broader spectrum. We will consider how by improving the security of the system related to logins we can help administrators.After all, admins deserve a bit of a breather doing their heavy and responsible tasks, right?