In the September edition of monthly webinar Defeat the Hackers, INDUS Security Special Interest group hosted Shipra Aggarwal and Bibin Mathew from SAP Labs India Bangalore.

Two topics were covered in this month’s session:

  1. Critical SAP Security Notes Released this Quarter
  2. CVE (Common Vulnerability and Exposures)

Critical SAP Security Notes Released this Quarter

Bibin presented on the new critical patches that were released this quarter (July 2020 – Sep 2020) and should be consumed by customers on high priority. The session covered more details about these critical patches including:

  • Products affected
  • Impact
  • Availability of workarounds & FAQs

Please refer to the slides and recording for more information.

CVE (Common Vulnerability and Exposures)

Shipra shared the importance of CVE (Common Vulnerability and Exposures) for SAP customers in enhancing the security posture of their landscapes.

The session provided an overview on the need for CVEs for software security vulnerabilities. At the session, Shipra also spoke about how and when SAP became a CVE Numbering Authority and the benefits of doing so.

She also shared some practical tips on making the best use of CVEs.

In addition, the session also detailed on the following aspects:

  • Why do we need CVEs and what it is?
  • How SAP assigns CVE-IDs for its patched security vulnerabilities?
  • Understanding the CVE entry from MITRE and NVD
  • How customers can make use of CVEs to consume SAP patches effectively?

Some of the resources that she shared are as below:

Leave a Reply

Your email address will not be published.