A recent vulnerability in SAP Cloud AI services highlights the critical need for holistic security measures across hybrid SAP environments, including both cloud services and on-premises applications.
Even though the specific vulnerabilities discovered by the WIZ researcher have been patched, the incident underscores the ongoing necessity for continuous monitoring and integration of SAP services into broader IT security processes.
Organizations must adopt comprehensive security strategies that encompass vulnerability management, threat detection, and secure development practices to safeguard their SAP environments from emerging threats.
On July 17th, 2024, Hillai Ben-Sasson, a security researcher from the cloud company WIZ, released the results of research focused on SAP Cloud AI services, part of a broader study of mainstream AI cloud providers that also included Hugging Face and Replicate. The researcher identified a set of weaknesses in the cloud infrastructure of the SAP Core AI service: more specifically, the ability to change the user ID to arbitrary values (other than root) and thereby inherit the network rules bound to a specific user ID (in this case, the reserved user ID configured for the Istio sidecar proxy, which is 1337).
This allowed the researcher to move from a Kubernetes pod to, ultimately, the internal network of that cloud service, including many applications that were not properly secured and had vulnerabilities of their own. As mentioned in the blog, an attacker posing as a legitimate SAP customer could have gained access to other customers' training data and even to internal cloud environments of SAP customers using the SAP Core AI service.
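The weakness described above is a policy gap rather than a code bug: Istio's sidecar redirects pod traffic through the proxy but exempts traffic owned by the proxy's own UID, so any workload container allowed to run as that UID steps outside the mesh's egress rules. The following Python check is an added example (not code from the WIZ research, from SAP, or from Istio) of how a defender can flag that condition in Kubernetes pod specs before admission. It assumes Istio's default proxy UID of 1337 (as stated on the page) and Istio's default injected container name `istio-proxy`; the sample pod specs are constructed for illustration. Note that `runAsNonRoot: true` alone does not close the gap, since 1337 is a non-root UID, which is why the check also flags containers whose UID is left unpinned.

```python
"""Flag Kubernetes containers that could run under the Istio sidecar's UID.

Added example for this article, not code from SAP, WIZ or Istio.
Assumptions (labelled): Istio's default proxy UID is 1337 and the injected
sidecar container is named "istio-proxy"; all pod specs below are constructed.
"""
from dataclasses import dataclass
from typing import Any, Dict, List, Optional

ISTIO_PROXY_UID = 1337                 # Istio default; traffic owned by this UID is not redirected
ISTIO_PROXY_CONTAINER = "istio-proxy"  # Istio's default name for the injected sidecar


@dataclass(frozen=True)
class Finding:
    pod: str
    container: str
    reason: str


def effective_run_as_user(pod_spec: Dict[str, Any], container: Dict[str, Any]) -> Optional[int]:
    """Container-level securityContext overrides pod-level; None means the UID is not pinned
    by the spec, so the image default (or a submitter-controlled value) decides it."""
    for ctx in (container.get("securityContext") or {}, pod_spec.get("securityContext") or {}):
        if "runAsUser" in ctx:
            return int(ctx["runAsUser"])
    return None


def check_pod(pod: Dict[str, Any]) -> List[Finding]:
    """Return one Finding per workload container that runs as, or could run as, the sidecar UID."""
    name = pod.get("metadata", {}).get("name", "<unnamed>")
    spec = pod.get("spec", {})
    findings: List[Finding] = []
    for container in list(spec.get("containers", [])) + list(spec.get("initContainers", [])):
        cname = container.get("name", "<unnamed>")
        if cname == ISTIO_PROXY_CONTAINER:
            continue  # the sidecar itself is expected to run as 1337
        uid = effective_run_as_user(spec, container)
        if uid == ISTIO_PROXY_UID:
            findings.append(Finding(name, cname,
                                    f"runs as UID {ISTIO_PROXY_UID}; its traffic bypasses the sidecar proxy"))
        elif uid is None:
            # runAsNonRoot does not help here: 1337 is a non-root UID.
            findings.append(Finding(name, cname,
                                    "runAsUser not pinned; image or submitter can choose any UID, including 1337"))
    return findings


# Constructed sample specs (not from the page or from any real deployment).
SAMPLE_PODS: Dict[str, Dict[str, Any]] = {
    "pinned-workload": {
        "metadata": {"name": "pinned-workload"},
        "spec": {
            "securityContext": {"runAsUser": 10001, "runAsNonRoot": True},
            "containers": [
                {"name": "app", "image": "example/app"},
                {"name": ISTIO_PROXY_CONTAINER, "image": "example/proxy",
                 "securityContext": {"runAsUser": ISTIO_PROXY_UID}},
            ],
        },
    },
    "sidecar-uid-workload": {
        "metadata": {"name": "sidecar-uid-workload"},
        "spec": {
            "containers": [
                {"name": "app", "image": "example/app",
                 "securityContext": {"runAsUser": ISTIO_PROXY_UID}},
            ],
        },
    },
    "unpinned-workload": {
        "metadata": {"name": "unpinned-workload"},
        "spec": {
            "securityContext": {"runAsNonRoot": True},   # non-root, but UID still free to be 1337
            "containers": [{"name": "app", "image": "example/app"}],
        },
    },
}


def main() -> None:
    for pod in SAMPLE_PODS.values():
        for f in check_pod(pod):
            print(f"{f.pod}/{f.container}: {f.reason}")


if __name__ == "__main__":
    main()
```

In practice the same logic belongs in an admission controller or a policy engine rule, where it can reject the spec instead of merely reporting it; the report form above is enough to show what to look for.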
This research further demonstrates the need for holistic security in today's hybrid SAP environments, covering cloud services as well as SAP applications. The complexity and criticality of these environments demand no less than a holistic security approach.
Avoiding Vulnerabilities Is Only Part of It: The Need for Continuous Monitoring
Even though the threat represented by this research is ephemeral, since all vulnerabilities have been addressed by SAP in the cloud and customers do not need to apply any change in their environments, the issues are representative of the entire SAP technology stack: they highlight the need for security in cloud environments, beyond the customer's own premises.
Despite the fact that these vulnerabilities were patched by SAP and no SAP Security Note was required, it is important to mention that in the past there have been SAP Security Notes known to affect cloud services in similar ways.
These are just some examples of patched vulnerabilities that are specific to SAP Applications and services in the cloud.
Nowadays, very few large SAP customers maintain their SAP environments strictly on-premises. The vast majority of them are in some form of a hybrid environment, where they have a mix of the following:
On-Premises Applications: This could be the traditional ABAP-based or Java-based applications such as the SAP ERP, S/4HANA, SAP Solution Manager, SAP Portal or SAP PI/PO
Applications in the Cloud (IaaS): More and more organizations are migrating their traditional SAP Applications, including SAP S/4HANA to public cloud providers such as GCP, Azure or AWS. This also includes initiatives such as RISE with SAP.
Pure Cloud Applications (SaaS): Through acquisitions and the implementation of new technologies, SAP offers applications as SaaS Applications. Examples of these applications are SAP Ariba, Concur or SuccessFactors.
Platform as a Service in the Cloud (PaaS): This is mostly driven by the growing adoption of SAP BTP and all of its cloud services, including AI services, for application development in the cloud as well as integration with on-premise applications.
This means that when we talk about the security of SAP environments, we no longer talk about the security of on-premises applications alone, but of a combination of many environments, or building blocks, each of which may be subject to different types of security vulnerabilities and risks.
If we consider the latest Threat Intelligence released by Onapsis and Flashpoint, highlighting the threat landscape for SAP applications (exploits, vulnerabilities and ransomware), it is important to reinforce that organizations running and consuming SAP applications or services should integrate them into their existing security processes, including but not limited to:
By integrating SAP applications and services into their existing IT security processes, organizations might prevent the introduction of new vulnerabilities into the organization and manage existing risks in a holistic way, from the on-premises applications all the way to the cloud environments and services.