The bombshell exploded directly at the beginning of the year: almost all computer chips worldwide are affected by the so-called "Spectre" and "Meltdown" attack scenarios. They have their effect on hardware level and are therefore not limited to an OS. To make matters worse, the required patches will slow down affected devices. A vulnerability could not possibly cause more ripples. From an SAP® customer's viewpoint, the question whether this affects the security of my SAP systems comes to mind. Are they even at risk and if so, how high is the risk? Find all important answers in this post.Read more
Life at Virtual Forge is multifaceted; our tasks are widely spread between IT, Support and Marketing. We would like to give you a better insight: What does the work day of, e.g. an employee in the Support department look like? Which qualities does one need to become a dual student in our IT department or what do our Sales employees associate with our company?
We have asked our colleagues and will now introduce a new employee to you in our blog series “Life @ Virtual Forge” on a regular basis.
In order to systematically find security vulnerabilities in custom SAP® developments and to correct errors, Krones AG introduced automated code checks despite of initial doubts. After a two year operating period, the machine and plant manufacturer draws a positive conclusion.Read more
An increasing number of companies report on the importance of vulnerability scanners in the IT context. We will go one step further and tell you why it is reasonable to particularly use vulnerability scanners for your SAP® systems.Read more
The news about the KRACK attack is causing quite a fuss in the media. This is not surprising since it effects a Wi-Fi-technology thought to be safe until now. Plus, surely everyone uses this encryption. But what does this vulnerability to WPA2 encryption mean to SAP® customers?Read more
It's amazing that this vulnerability was published as late as 2012, considering the fact that the SAP gateway is a standard interface for every SAP system. And specifically interfaces should be secured by all means. Eventually it was SAP themselves, which had drawn attention to the SAP Gateway Exploit. One of the most dangerous weaknesses of each SAP system is thus recognized - but still not secured at many SAP customers.
It sometimes seems like new trends aren't even that new. This is especially hard to notice, if the trend has even gotten a new new. This is the case with DevOps or DevSecOps if security is being included.Read more
At TRUMPF, an interruption to its SAP system could have serious consequences. This is why the mechanical engineering company, located in southwestern Germany, takes a targeted approach to ensuring seamless system operations. One approach is to use the Virtual Forge CodeProfiler, which identifies risks in custom ABAP code.
BY SEBASTIAN REIM, SAP DEVELOPMENT TEAM LEAD AT TRUMPF GMBH + CO. KG
Just like in life, small things can have a big impact on SAP development. For example, the quality of the customer’s code naturally depends on several factors, like the correct interception of exceptions, the use of sufficient comments, and making sure that database access does not unnecessarily waste any resources. But if one takes a closer look at customers’ development guidelines, one often finds a passage dictating naming conventions. Applying these naming conventions to all objects is not an easy task though.Read more
No matter if Industry 4.0, SAP HANA, Cloud or Blockchains: if you want to survive on the global market, you cannot afford to shut yourself off to recent IT trends. This is also shown by the relevant offers of SAP. But the progressing digitalization means higher demands on security.Read more
Old school email phishing attacks just won't go away. Here's how to make sure your enterprise stays ready.Read more
As hospitals increasingly utilize connected medical devices, healthcare enterprise systems are struggling to keep up with the new security measures that these devices require to keep them (and their patients) safe from hackers.Read more
As CEOs sit up and take notice of IT infrastructure by shifting investment dollars towards digitalization, CIOs see an opportunity for a larger cybersecurity investment.Read more
The role of the IT professional has changed more in the last 5 years than most jobs. Cybersecurity is now one of four core IT skills that CIOs say will be necessary for the next generation of IT professionals.Read more