Contact Us
How you can contact us:

Security Whitepapers

Security Whitepapers

To help you increase the security of your SAP systems, SAP provides you with Security Whitepapers. The objective of this series is to give you concise, easy-to-understand and easy-to-implement information on how to improve the security of your IT systems. The series covers various aspects of security including recommendations for system configuration as well as guidance and support for the implementation of SAP security fixes. 

SAP Business Technology Platform in GxPDiscover how SAP helps enterprises in the life sciences industry address the challenges of integrating and extending processes while paying careful attention to industry and government regulations. Find out how SAP Business Technology Platform and its built-in services can help you create 21st-century applications.      PDFFebruary 2022    English
SAP HANA  Security WhitepaperThis whitepaper gives IT security experts an overview of what they need to understand about SAP HANA in order to comply with security-relevant regulations and policies and to protect their SAP HANA implementation and the data within from unauthorized access.
       PDFMarch 2021
(or newer)

SAP Cloud Platform Security: Trust Matters

This document provides you with an understanding of our comprehensive approach to security in SAP Cloud Platform. Beyond this, the document gives an overview of the available security services in SAP Cloud Platform and of their functional capabilities. PDF
May 2017English
SAP's Standards, Processes, and Guidelines for Protecting Data and InformationThis document describes how SAP helps to ensure that the software systems, information, and data of its customers are fully protected.PDFAug 2016English
Managing Security with SAP Solution ManagerExplore the various aspects of building, setting up, and operating a secure system landscape and the ways in which SAP Solution Manager supports these tasks as an IT services and operations management tool.PDFJun 2015English
SAP Security Recommendations: Securing Remote Function Calls (RFC)SAP reviewed and improved the security controls used by Remote Function Calls (RFC). RFC is an SAP-proprietary communication protocol. Most SAP customers run business-critical system communication using RFC technology. Keeping business data that is processed via RFC secure is as important to SAP and its customers as ensuring uninterrupted business operations.PDFNov 2014English
Security Services von SAP Active Global SupportMit einer globalen Support-Organisation unterstützt SAP seine Kunden dabei, die Qualität und Zuverlässigkeit ihrer Anwendungen sicherzustellen - und zwar über den gesamten Lebenszyklus hinweg. Mehr als 2.000 Service- und Support-Mitarbeiter in über 40 Ländern sorgen bei SAP Active Global Support dafür, dass die unternehmerischen Geschäftsprozesse der SAP-Kunden möglichst reibungsfrei, geschützt und sicher laufen.PDFJun 2012Deutsch
Sicheres Cloud Computing mit SAPWer sich für Software as a Service (SaaS) entscheidet, gibt sensible Informationen und IT-Infrastrukturen in fremde Hände. Den sicheren Betrieb und Schutz übernimmt der Cloud-Anbieter. Umso wichtiger ist es, dessen Sicherheits- und Datenschutzverfahren genau unter die Lupe zu nehmen. Genau diese Frage adressiert das vorliegende Dokument.PDFFeb 2012Deutsch
Secure Configuration of SAP NetWeaver Application Server Using ABAPThe document provides an overview about the most important configuration activities that should be performed for the ABAP server of an SAP NetWeaver-based system. The general scope of this document is the protection of SAP ABAP systems from unauthorized access within the internal corporate network. For Internet scenarios additional security measures have to be considered and implemented.PDFJan 2012English
Protecting SAP Applications Against Common AttacksThis paper explains the measures SAP strongly recommends that its customers apply to enhance the level of security with respect to certain common attack types. The paper describes, in detail, vulnerabilities and the possible exploit patterns and how to protect applications against them. Furthermore, it provides guidance on how to make custom-developed applications more secure.PDFNov 2011