SAP Basis SCU3 Evaluation of logged customizing objects and tables - SAP Corner

Direkt zum Seiteninhalt
SCU3 Evaluation of logged customizing objects and tables
System updates
For example, many customer ABAP programs work by uploading or downloading data. There are potentially large security gaps here that allow access to server data. In addition, the widespread direct invocation of operating system commands that are not covered by a self-programmed authorization check is a major problem. Even though classic SQL injection, i.e., the entry of extended SQL commands, is a potential security vulnerability, it occurs rather rarely in SAP systems. More widespread is the unintentional dynamization of SQL calls because input parameters are not sufficiently checked. The need to check all in-house developments internally for such security vulnerabilities before they are delivered in SAP's own code has led to the development of the SAP Code Vulnerability Analyzer tool.

The 5 most common errors in SAP test management In this blog post I would like to discuss the 5 most common errors in SAP test management, which in my experience occur regularly in this area. I hope that with this I can give you some guidance so that you can avoid these mistakes. No test management Quite simple. You have complex SAP software in use or are just introducing a new module tailored to your company, but the test process plays a subordinate role and tests take place only sporadically and unstructured? Then you have already made the first mistake. To ensure high software quality, avoid hidden consequential error costs and consciously plan for a test period instead of the risk of time bottlenecks, a methodical approach should be planned. Too much testing If you have decided to introduce test management, you need to weigh up the resources required for this. A large amount of testing quickly pushes the cost-benefit ratio into the realm of inefficiency, because the time required for testing drives up costs. On the other hand, the test quality should of course be high. Therefore, a structured and comprehensive approach is of high importance. Basically, you should make sure that the costs for the test effort do not exceed the average of the consequential failure costs.
In addition to project-based training, we offer individually prepared training courses on the following topics:
Hosting environments and third-party offerings have also contributed to these improvements. Public cloud environments such as Azure and AWS provide a layer of abstraction that eliminates the difficult task of maintaining hardware that was required with SAP on-premises.

We are transparent and open. It is not part of our philosophy to make ourselves irreplaceable with you. In our eyes, this is a matter of course for a long-term partnership.

"Shortcut for SAP Systems" is a PC application that simplifies or even facilitates many activities in the SAP basis.

It is developed individually with reference to the company.

Some useful tips about SAP basis can be found on

Rights for calling the table(s) to be retrieved must be assigned.
SAP Corner
Zurück zum Seiteninhalt