Mar 16-19, 2026Las Vegas, Nevada, NV
SAP Security
Featured Insiders
Upcoming Events
SAPinsider Las Vegas 2026
Related Vendors
What Is Security?
Security is a broad term that can apply to many fields. In the area of IT, security refers to tools and strategies that prevent unauthorized access to organizational assets such as computers, networks, and data. Security is designed to maintain the integrity and confidentiality of sensitive information, blocking the access of sophisticated hackers and malicious insiders.
What Is Security?
Security is a broad term that can apply to many fields. In the area of IT, security refers to tools and strategies that prevent unauthorized access to organizational assets such as computers, networks, and data. Security is designed to maintain the integrity and confidentiality of sensitive information, blocking the access of sophisticated hackers and malicious insiders.
What Is SAP Security?
SAP security products and services help organizations to develop and administer solutions securely across on-premise, cloud, and hybrid environments. The SAP Trust Center includes links to various SAP security tools and services under five categories:
- Hybrid identity and access management: SAP Single Sign-On, SAP Identity Management, and SAP Access Control.
- Cloud identity services: SAP Cloud Identity Services – Identity Authentication, SAP Cloud Identity Services – Identity Provisioning.
- Secure development services: SAP Authorization and Trust Management service, SAP Credential Store, Cloud Connectors, and SAP Cloud Programming Model.
- Risk and compliance: SAP Cloud Identity Access Governance, SAP Data Retention Manager, SAP Customer Data Cloud, and SAP Data Privacy Integration.
- Security support services: SAP Security Optimization, SAP MaxAttention, and Security Service and Support Offerings.
Further Resources for SAPinsiders
Trust Matters! The SAP Security Strategy and Roadmap. This presentation by Anne Marie Colombo, Cybersecurity Solution Advisor at SAP, provides an overview of SAP’s security strategy as well as its related solutions and products. The presentation explains how the latest solutions and services, such as SAP Cloud Platform Identity Authentication, SAP Cloud Platform Identity Provisioning, SAP Enterprise Threat Detection, SAP Single Sign-On, and SAP Identity Management, can bring value to your enterprise security platform.
Insights for Your Emerging SAP Security Strategy. In this blog post, SAPinsider discusses security with key leadership from SAP security company Onapsis. The discussion ranges across many topics, from the state of SAP software and enterprise security to Onapsis’s acquisition of Virtual Forge and its impact on the SAP customer base.
Application Security Imperiled by Attackers. Application security is being threatened by cyberattacks on the application layer, such as SAP S/4HANA systems, which target valuable resources organizations store there, observe SAP’s Arndt Lingscheid, Global Solution Owner Cybersecurity and Data Protection, and Martin Mueller, Presales and Program Manager, SAP Security Suite. Companies need to deploy real-time detection and response to deal with the rise in attacks against the SAP application layer level, they argue.
Vendors that can help SAP customers with security include: Appsian Security, Fastpath, Fortinet, Layer Seven Security, Lookout, Onapsis, Security Weaver, Xiting, and Xpandion.
152 results
The Silent Killers of SAP Security: How to Shut Down Dormant and Unmitigated Access RisksDec 2, 2025 — SAP Governance, Risk, and Compliance (GRC) has evolved from a periodic compliance task to a risk-based approach, exemplified by ToggleNow's ReviewNow solution, which automates around 99% of User Access Reviews using real-time SAP data, enabling deeper insights into access governance.
3 minute read
Hardening the Core: Modern Security for AI Systems and SAP LandscapesFeb 4 — As AI adoption accelerates and SAP landscapes continue to evolve, technical leaders face growing pressure to safeguard their environments while enabling innovation. In this session, Apiphani will break down two critical but often disconnected security domains: AI security and SAP security.
We’ll explore the core pillars of AI security, including data protection, identity and access management, governance and compliance, threat detection, and policy-driven employee enablement, followed by a deep dive into SAP-specific security and technical compliance practices.
Finally, we’ll connect the dots between the two, highlighting how a unified approach strengthens your overall risk posture and prepares your organization for a future where AI and SAP operate side-by-side.
This webinar is designed for technical leaders, architects, and hands-on practitioners who want a clearer, more actionable understanding of how to secure what’s here today and what’s coming next.
Watch this webinar now to learn:
- How to secure AI initiatives without slowing down innovation or exposing sensitive data.
- Is your SAP systems truly compliant and protected, or have hidden gaps in access, configuration, or monitoring.
- How to secure and build a unified security strategy that covers both AI and SAP, instead of managing two disconnected risk areas.
1 minute read
SAP Expands Sovereign AI Capabilities in EuropeDec 1, 2025 — EU regulations are driving the demand for compliant-by-design cloud and AI systems, with SAP investing over $20 billion in sovereign infrastructure and partnerships to enhance digital sovereignty and accelerate AI solutions for highly regulated sectors.
3 minute read
How Penetration Testing Helps Secure Your RISE with SAP and Cloud ERPNov 26, 2025 — Migrating to RISE with SAP and Cloud ERP enhances enterprise transformation but alters the security landscape, necessitating a collaborative effort between SAP and customers under the Shared Responsibility Model.
3 minute read
SAP Signavio AI Agent Mining Addresses Invisible Autonomy RiskNov 19, 2025 — SAP users are increasingly integrating AI agents into their workflows, which introduce 'invisible autonomy' risks that necessitate oversight, leading SAP Signavio to develop new capabilities for monitoring and managing these AI agents effectively.
2 minute read
CVE-2025-31324 Exploited in the Wild: What We’ve Found in the AftermathNov 14, 2025 — In April 2025, SAP revealed a critical vulnerability (CVE-2025-31324) in NetWeaver's Visual Composer that allows unauthenticated file uploads leading to remote code execution, which has been actively exploited in multiple customer environments, necessitating urgent mitigation actions.
3 minute read
SAP Security Patch Day November 2025: Three Critical Priority FixesNov 13, 2025 — On November 11, SAP released 20 security patches, including three patches for critical vulnerabilities affecting SQL Anywhere Monitor, SAP NetWeaver AS Java, and SAP Solution Manager, urging customers to apply updates promptly and highlighting the need for proactive cybersecurity measures.
2 minute read
Research Webinar – Cloud and AI Security for SAPDec 17, 2025 — Most SAP customers are now running at least some enterprise systems in the cloud. At the same time, organizations are exploring ways to incorporate AI into their enterprise workloads. This convergence of technologies is hugely important from a security standpoint and raises questions about how organizations are planning on securing their expanding cloud footprints while ensuring that their use of AI is protected. In addition, the expanding use of AI to both protect systems as well as defend against attacks is both complicating, while potentially streamlining, the task of protecting cloud-based systems and AI workloads from attack.
In exploring the factors most responsible for influencing cloud and AI security strategy for SAP systems, the differences between these respondent groups were significant. For example, more than half the leaders reported that their strategies were most impacted by the emergence of AI-enhanced attack techniques targeting ERP and SAP systems. Meanwhile, the
majority group were still focused on tasks like ERP modernization and a demand to standardize security across cloud and hybrid environments. These are factors that are of lesser importance to leaders, reflecting the fact that leaders are more likely to have already addressed these concerns or are on their way to completing modernization plans
This year's research also explored the owners of SAP cloud and AI security strategy, how risk associated with using AI in SAP-related operations is being managed, and measurable security outcomes achieved through adoption of cloud or AI security capabilities for SAP workloads.
The findings indicate that organizations must start planning for how they will manage security for cloud and AI use in their SAP environments if they are to successfully secure these workloads in the future.
Download the benchmark report to read the full data analysis and receive recommendations for your own plans.
- Understand how SAPinsiders are adjusting their security strategy to manage cloud and AI workloads.
- Explore the technologies and partner solutions in use to protect cloud and AI workloads.
- Learn about how SAPinsiders are managing risk when it comes to cloud and AI security strategy.
- See what SAPinsiders can learn from those leading in cloud and AI security.
1 minute read
The Overlooked Risk in SAP Security: Non-Production DataNov 11, 2025 — NextLabs addresses the security vulnerabilities in non-production SAP environments, where sensitive business data is often exposed due to frequent developer access, by implementing a Zero Trust data security framework that provides continuous monitoring and granular access controls.
3 minute read
Securing SAP S/4HANA: Why Zero Trust and Security-Driven Networking MatterNov 3, 2025 — As organizations shift to SAP S/4HANA for digital transformation, adopting Zero Trust principles and Fortinet's security solutions is crucial to mitigate security risks in hybrid environments, ensuring identity-centric protections and unified visibility while enhancing performance and compliance.
3 minute read