TABLE OF CONTENTS
- Fundamentals of SAP security and apps security
- Threats to security
- Analysis
- Action
- More Learning Guides
Fundamentals of SAP security and apps security
- Securing SAP (SearchSAP.com)
- SAP security (SearchSAP.com)
- SAP Security Learning Guide (SearchSAP.com)
- Securing applications -- The new frontier in security (SearchAppSecurity.com)
- About the Open Web Application Security Project (SearchAppSecurity.com)
- Keep the bad guys out: Build security into the SDLC (SearchAppSecurity.com)
- SAP security vs. others (SearchSAP.com)
- Best security practices for large SAP installations (SearchSAP.com)
- Common SAP security practices (SearchSAP.com)
- Basics of application security (SearchSecurity.com)
- Web application threats and vulnerabilities (SearchSecurity.com)
- Are you using security technology effectively? (SearchSecurity.com)
Threats to security
Web application threats
- How to counter cross-site scripting attacks (SearchAppSecurity.com)
- Don't become a victim of SQL injection (SearchAppSecurity.com)
- Avoid the hazards of unvalidated Web application input (SearchAppSecurity.com)
- Block and reroute denial-of-service attacks (SearchAppSecurity.com)
- Deal with cross-site scripting (SearchAppSecurity.com)
- Which key is which? (SearchAppSecurity.com)
- Improper error handling (SearchAppSecurity.com)
- Defense tactics for SQL injection attacks (SearchAppSecurity.com)
- Cryptography basics for infosecurity managers (SearchAppSecurity.com)
- Anatomy of a hack: Cross-site scripting (SearchAppSecurity.com)
- You can prevent buffer-overflow attacks (SearchSecurity.com)
- Buffer-overflow attacks: How do they work? (SearchSecurity.com)
- OWASP Guide to Building Secure Web Applications, 11: Session Management (SearchAppSecurity.com)
- OWASP Guide to Building Secure Web Applications, 12: Data Validation (SearchAppSecurity.com)
- OWASP Guide to Building Secure Web Applications, 13: Interpreter Injection (SearchAppSecurity.com)
- OWASP Guide to Building Secure Web Applications, 15: Error Handling, Auditing and Logging (SearchAppSecurity.com)
- OWASP Guide to Building Secure Web Applications, 17: Buffer Overflows (SearchAppSecurity.com)
- OWASP Guide to Building Secure Web Applications, 19: Cryptography (SearchAppSecurity.com)
- OWASP Guide to Building Secure Web Applications, 20: Configuration (SearchAppSecurity.com)
- OWASP Guide to Building Secure Web Applications, 22: Denial of Service Attacks (SearchAppSecurity.com)
- Automated SQL injection: What your enterprise needs to know -- Part 2 (SearchSecurity.com)
Authentication and Authorization
- SAP authorizations (SearchSAP.com)
- Prevent password change (SearchSAP.com)
- Parameters for establishing SAP password policies (SearchSAP.com)
- Securing Web apps against authenticated users (SearchAppSecurity.com)
- Authentication and access (SearchSecurity.com)
- Password policy worst practices (SearchSecurity.com)
- SAP passwords revealed (SearchSAP.com)
- SAP authorization and security classes (SearchSAP.com)
- Assigning limited password reset-authority (SearchSAP.com)
- Secure passwords (SearchSecurity.com)
- Authentication methods (SearchSecurity.com)
Web services
- Why do Web services impact security? (SearchAppSecurity.com)
- SAP security (SearchSAP.com)
- OWASP Guide to Building Secure Web Applications, 8: Web Services (SearchAppSecurity.com)
- January, 2006: Put Web services security on front burner (SearchAppSecurity.com)
- January, 2006: Analyst: Start thinking Web services security now (SearchWebServices.com)
- October, 2005: Web services security specs hit the standards track (SearchWebServices.com)
- August, 2005: Web services security standards to establish trust (SearchWebServices.com)
- July, 2005: Web services security getting greater scrutiny (SearchWebServices.com)
Analysis
SAP vulnerability analysis
- Securing SAP (SearchSAP.com)
- Security concerns when upgrading from v.3.1 to v.4.6x (SearchSAP.com)
- Was a security role removed in R/3 Enterprise? (SearchSAP.com)
- What's the best tool to get started on security testing? (SearchAppSecurity.com)
- Are my apps secure? (SearchAppSecurity.com)
- Reason for application vulnerabilities (SearchAppSecurity.com)
- Establishing security parameters (SearchSAP.com)
- Are you leaving your apps open to attack? (SearchAppSecurity.com)
- Judicious use of tips (SearchSAP.com)
- Vulnerability assessment: Leave the scanning to someone else? (SearchAppSecurity.com)
- November, 2005: Flaw opens SAP Web Application Server to phishing scams (SearchSAP.com)
- July, 2005: Customers warned of critical SAP flaw (SearchSAP.com)
- Feb, 2006: Web application firewalls critical piece of the app security puzzle (SearchAppSecurity.com)
Standards and Regulations
- SOX Security School (SearchSecurity.com)
- Compliance management (SearchSAP.com)
- Compliance (SearchSecurity.com)
- March, 2005: SAP to bolster compliance with reseller partnership (SearchSAP.com)
RFID
- RFID on the rise? (SearchSAP.com)
- SAP RFID (SearchSAP.com)
- Is RFID ready for primetime? (SearchSAP.com)
- Face-off: Debating RFID (SearchSAP.com)
- RFID secrets: SAP customers ready systems for RFID (SearchSAP.com)
- April, 2005: Suppliers must look beyond RFID compliance, analyst says (SearchSAP.com)
- April, 2005: SAP advises to take RFID one step at a time (SearchSAP.com)
- April, 2005: Will new RFID technology help or hinder security? (SearchSecurity.com)
Action
Countermeasures
- What kinds of app security tools are there? (SearchAppSecurity.com)
- Block and reroute denial-of-service attacks (SearchSecurity.com)
- Thwarting Hacker Techniques: Internet data manipulation (SearchSecurity.com)
- Defense tactics for SQL injection attacks (SearchSecurity.com)
- You can prevent buffer-overflow attacks (SearchSecurity.com)
Vulnerability management
- Compliance management (SearchSAP.com)
- Establishing security parameters (SearchSAP.com)
- Mass changing of SAP passwords (SearchSAP.com)
- Best practices for managing secure Web server configurations (SearchAppSecurity.com)
- Beware: Security testing tools won't find everything (SearchAppSecurity.com)
- Best practices for password protection (SearchSecurity.com)
- Introduction to J2EE-based WebSphere security (SearchAppSecurity.com)
Disaster recovery
- Disaster recovery (SearchSAP.com)
- Disaster recover spending -- How much is enough? (SearchSAP.com)
- BCP plans key to emergency planning (SearchSAP.com)
- Disaster recovery: Are you prepared? (SearchSAP.com)
- Patching the patch process (SearchSAP.com)
- How to survive a data breach (SearchSecurity.com)
- Concerns raised on tape backup methods (SearchSecurity.com)
- Restore a back-up tape and recover usable data (SearchSecurity.com)
- Disaster recovery/business continuity plans (SearchSecurity.com)
- Webcast: Evaluating and using wireless to enable crisis management (SearchSecurity.com)
Deploying applications securely
- White paper: The do's and don'ts of SAP security (SearchSAP.com)
- What is the best way to encrypt messages? (SearchSAP.com)
- SearchSecurity.com's Web Security School (SearchSecurity.com)
- August, 2005: Dos and don'ts: Ensuring apps security from the get-go (SearchOpenSource.com)
Incorporating security in the software development lifecycle
- Keep the bad guys out: Build security into the SDLC (SearchAppSecurity.com)
- January, 2006: Incorporation of security in development lifecycle sea of change (SearchAppSecurity.com)
- January, 2006: Build accountability for security into the development process (SearchAppSecurity.com)
- Are development security tools necessary? (SearchAppSecurity.com)
- The methodology of software creation/distribution (SearchAppSecurity.com)
More Learning Guides
- SAP Certification Learning Guide (SearchSAP.com)
- SAP Security Learning Guide (SearchSAP.com)
- Top 10 most critical Web application security vulnerabilities (SearchAppSecurity.com)
- SAP CRM Learning Guide (SearchSAP.com)
- ERP guide for the midmarket (SearchSAP.com)
- SAP Job Seeker's Learning Guide (SearchSAP.com)
- SAP Career Advancement Learning Guide (SearchSAP.com)
- SAP NetWeaver Learning Guide (SearchSAP.com)
- SAP BW Learning Guide (SearchSAP.com)
- Business Intelligence (BI) Learning Guide (SearchSAP.com)
- SAP HR Learning Guide (SearchSAP.com)
- SAP XI Learning Guide (SearchSAP.com)
- SAP RFID Learning Guide (SearchSAP.com)
- BAPI Learning Guide (SearchSAP.com)
- Basis Learning Guide (SearchSAP.com)
- Firewall Resource Guide (SearchSecurity.com)
- HIPAA Learning Guide (SearchSecurity.com)
- VoIP Security Resource Guide (SearchSecurity.com)
This was first published in February 2006
