English | Deutsch | Español

Virtual Forge Blog

Cyber Security | Compliance | Stability

For over 10 years we help companies around the world to optimize the security and stability of their SAP landscapes. On the Virtual Forge Blog, our experts provide relevant content ready to help you to better understand and mitigate your IT risks.


G7 Countries Set Cyber Security Guidelines

November 30, 2016

A spate of recent digital-age bank robberies have lead to new non-binding cyber security guidelines for banking institutions, but will they be enough to keep your accounts safe?

Read more

IoT Security Weaknesses Contribute to Major DDoS Attack on Dyn

November 22, 2016

It took two decades for enterprise clients to begin taking PC security seriously. How long will it take to patch the next major hole in their defenses, IoT networked devices?

Read more

MEAG Case Study: Scanning for SAP ABAP Code Quality

November 21, 2016

MEAG sets its sights on greater security in SAP application development

Anyone who outsources SAP application development to a service provider needs effective methods for controlling SAP ABAP code quality and code security. MEAG uses CodeProfiler from Virtual Forge to achieve this.

Read more

Poor Enterprise Security Can Cost You - Even if You Don't Have a Breach

November 18, 2016

In a move that's a dark cloud for enterprise companies (but a silver lining for IT managers), FICO - the organization that quantifies the creditworthiness and credit risk of both consumers and companies - has just released an enterprise security score.

Read more

Tesco Bank Becomes Latest Target for Cyber Criminals

November 15, 2016

Major British financial services firm, Tesco Bank, becomes the latest in an uptick of cyber crime targeted towards financial institutions.

Read more

More talent needed for IT security

November 13, 2016

The huge shortage of skilled workers in the area of cybersecurity could be absorbed by IT-enthusiastic young people - if employers and educational institutions would do more to make the relevant jobs attractive.

Read more

ZF Case Study: A New Milestone in SAP Security

October 19, 2016

SAP systems are a preferred target of many of the hackers out there. Having taken this fact to heart, ZF Friedrichshafen AG recently reached another milestone in comprehensive SAP security management by conducting a series of systematic penetration tests.

Read more

How to Apply General IT Governance Rules to the SAP Infrastructure

October 18, 2016

At many companies, the SAP environment is a "blind spot" in IT security. It is wrongly argued that SAP systems and software have a number of specialities which make it unnecessary to apply general IT security guidelines to the SAP infrastructure or even make it seem pointless. A critical look at the arguments and their dangers.

Read more

MLP Case Study: Fully Outsourced IT

August 16, 2016

In a radical move, the financial service provider MLP has outsourced all of its IT to a service partner in order to focus more on its core business. To maintain control, the company is relying on process mining and Virtual Forge SystemProfiler. MLP’s Oliver Wildenstein explains how this arrangement works.

Read more

Configuring ABAP Log Files for SAP Enterprise Threat Detection (Part 2)

August 2, 2016

In Part 1 of his blog post series, Virtual Forge SAP Security Expert DENIS BORMOTOV introduced you to the first three ABAP log files that SAP Enterprise Threat Detection (SAP ETD) is capable to process and analyze for security events in the SAP Netweaver ABAP environment. Now in Part 2, he describes the remaining log files.

Read more

New Feature: „Finding Status Synchronization“ – A Welcome Addition to ABAP Code Scanning

July 27, 2016

Code-Scanning, when done right, can be a tricky issue. Of course, you could just scan your code, get a list of all issues and then manually correct them. In the real world, this approach usually doesn’t work, in an SAP environment even less so. Instead, you’d want to integrate code scanning fully into the development process. And that’s where it gets tricky in SAP.

Read more

Configuring ABAP Log Files for SAP Enterprise Threat Detection (Part 1)

July 19, 2016

SAP Enterprise Threat Detection (SAP ETD) is a solution that analyzes IT security risks in real time in a given SAP environment. By assessing the log files of the systems at hand – including network components, databases, and applications from both SAP and other providers – SAP ETD can quickly and reliably detect attacks from internal and external sources, enabling you to take corresponding measures as fast as possible. Combined in one unified log in SAP ETD and enriched with the semantic attributes it brings the most powerful analysis capabilities of incidents.

Read more

Avoiding Data Sniffing in SAP

July 12, 2016

Encryption is a hot topic these days. The Apple vs. FBI case again ignited the discussion whether government agencies should be able to enforce an access to encrypted data. Still, there is no doubt that encrypted communication is reasonable, as data sniffers should not be given the slightest opportunity to capture sensible data at all. Interestingly, this concept has not made its way to SAP security.

Read more

SAP configuration control made easy – the new SystemProfiler 3.1

June 7, 2016

New Reporting Dashboard and more test cases for testing SAP HANA authorizations. The new version 3.1 of the System Profiler has it all: Here are the highlights.

Read more

Scan your SAP Code in the Virtual Forge Cloud

May 31, 2016

Send your ABAP code to the Virtual Forge Cloud and get instant feedback on your SAP ABAP code quality: It's as simple as uploading your code to our website and clicking "Scan".

Read more