The SAP Management Console (SAP MC) is the centralized system management component. It allows you to monitor and control each SAP instance, display log and trace files, profiles and other parameters. You can also monitor system alerts and deep information about memory usage and processes in the system (e.g. Java VM® garbage collection and heap memory).
In the previous post we discovered the SAP Services listening on each one of the open ports. Now we can execute Bizploit plug-ins to assess the security of these SAP services.
Let’s have a look at the Discovery and Vulnassess plug-ins available in Bizploit.
We are used to talk about SAP and its components, but in the following post we will put ourselves into the role of an SAP user faced with the environment we need to protect. This post can be considered an introduction to SAP security and the components we are interested in protecting.
SAP stands for Systems Applications and Products in data processing. It is a Germany-based company which for the last 42 years has been developing the most widely adopted ERP (Enterprise Resource Planning) systems used by the biggest companies in the world.