It was super easy to get access to a list of almost 6.900 names and e-mail addresses from SAP employees, partners and customers. No hacking needed, you just had to click links and know a few things. The list contains a handful of duplicates, test names or generic names. From Read more…
Using Google to find SAP related documentation is a daily task. When I was searching for some Fiori Launchpad information, I was using Google Search. One of the search results directed me to SAP Help and the Fiori Launchpad documentation. The link is: https://help.sap.com/docs/SAP_FIORI_LAUNCHPAD?locale=en-US The page is not hidden under Read more…
The access to the app is not any longer allowing external users (like S-User) to log on. While the public page of the app is accessible, you cannot read any evauations or other data. SAP acted here very quick and tightened the SSO access in just a few hours. The Read more…
Event information Location: 8. HANA Tech Night, Mafinex, Mannheim Date: 27.06.2023 Site: Event website Title: Sicherheit Presentation: PDF Additional information Es gibt keine allgemeine Lösung für das Problem Sicherheit. Jede Situation ist einzigartig. Trotzdem gilt gerade deswegen: sich vorbereiten für das Schlimmste Es gibt keine super sichere Software. Das ist Read more…
In this post I will explain how to access SAP Learning Hub (LH) training material PDFs that are not part of your subscription. You’ll need to have a valid LH solution subscription to be able to access training material not part of your subscription. For those not familiar with LH: Read more…
WordPress is one of the most popular CMS systems. It is easy to use, can be run in the cloud or on premise, and offers a wide range of plugins and themes. WordPress is available for almost 20 years. It has a huge community and allows to run a web Read more…
In the first part of this small series I described how I found an “internal” page from SAP: the SAP Help Portal status page. Intended to be accessible to everyone, the layout made it appear to be for internal and authenticated access only. While this was solved rather quickly, SAP Read more…
„We take security seriously“ or „we take your privacy and security seriously” is what you hear from every company that offers some kind of service on the internet. It is what customers want to hear, what shareholders want to hear, and of course, what employees want to hear. After all, Read more…
Note: the Customer Influence website is currently down. The HANA Logon App for e.g. Admin, IDE, Repo is still accessible: https://influence.sap.com/sap/hana/xs/formLogin/login.html Recently I looked at the SAP Customer Influence website. Besides an interesting OData service I came across several other points I think are worth to mention. At the time Read more…
Certificate pinning aims to close a trust problem that comes with PKI architecture: you trust the certificate authority (CA) and assume that the server is valid, because you trust the CA. Certificate pinning aims to ensure that you also can also trust the server. How is pinning going to achieve Read more…