Security Whitepapers
To increase the security of your SAP systems, SAP provides you with Security Whitepapers. The objective of this series is to give you concise, easy-to-understand and easy-to-implement information on how to improve the security of your IT systems. The series covers various aspects of security including recommendations for system configuration as well as guidance and support for the implementation of SAP security fixes.
| Title | Description | Download | Date | Language |
|---|---|---|---|---|
| SAP Business Technology Platform in GxP | Discover how SAP helps enterprises in the life sciences industry address the challenges of integrating and extending processes while paying careful attention to industry and government regulations. Find out how SAP Business Technology Platform and its built-in services can help you create 21st-century applications. | 2025-08 | English | |
| The Secure Software Development Lifecycle at SAP | Learn how SAP has implemented a secure software development lifecycle (secure SDL) for software development projects. Discover how secure SDL provides a framework for training, tools, and processes. | Link | 2020-09 | English |
| Managing Security with SAP Solution Manager | Explore the various aspects of building, setting up, and operating a secure system landscape and the ways in which SAP Solution Manager supports these tasks as an IT services and operations management tool. | 2015-06 | English | |
| SAP Security Recommendations: Securing Remote Function Calls (RFC) | SAP reviewed and improved the security controls used by Remote Function Calls (RFC). RFC is an SAP-proprietary communication protocol. Most SAP customers run business-critical system communication using RFC technology. Keeping business data that is processed via RFC secure is as important to SAP and its customers as ensuring uninterrupted business operations. | 2023-03 | English | |
| Protecting SAP Applications Against Common Attacks | This paper explains the measures SAP strongly recommends that its customers apply to enhance the level of security with respect to certain common attack types. The paper describes, in detail, vulnerabilities and the possible exploit patterns and how to protect applications against them. Furthermore, it provides guidance on how to make custom-developed applications more secure. | 2011-11 | English |