SM37C Advanced Job Selection
SAP BASIS
In addition to scanning and identifying the respective security vulnerabilities of a program, it is also possible to stop tasks that are to be transported to other SAP systems with security vulnerabilities in the further transport process This applies, for example, to the CHARM process based on SAP Solution Manager. This forces a programmer to securely check the programs he or she is responsible for according to the same security criteria. If a program then still has security problems, it can either be released via the dual control principle or returned for further processing. Do you know of any other solutions for improving ABAP code security or have you already gained experience with the products mentioned above? I look forward to your comments!
Using various user, administration and monitoring tools, the SAP Basis system is controlled and managed by an administrator, who is thus responsible for its trouble-free operation. Many companies hand over these tasks to an external service provider.
STRUST Trust Manager
By using a code scanner, it is now possible for every developer to scan for complex security patterns during the extended check of his program, which tell him whether he has built vulnerabilities into his program. These vulnerabilities are detected and can now be addressed in a workflow-driven process. Currently, there are two products that can support customers in the area of scanning their own SAP programs.
The higher the degree of standardisation of operational and maintenance tasks, the more effective the technical operation and maintenance can be. At the same time, this simplifies outsourcing and, if necessary, the use of a cloud solution. CHOOSING AN APPROPRIATE SERVICE FORM Regardless of the chosen service form, as well as outsourcing and outtasking, the overall responsibility for the availability and performance of the IT-supported applications remains with the company. This still means internal coordination of maintenance windows or release booths, which remains in place. Similarly, the services provided by the external partner must be regularly monitored and their quality checked. Therefore, the chosen IT strategy must be chosen from this point of view with the lowest risk. If the technical operation is not sufficiently assessed in the decision, there is a significant business risk.
"Shortcut for SAP Systems" simplifies tasks in the area of the SAP basis and complements missing functions of the standard.
In the case of critical errors, a new attempt should be made or an alert issued so that an administrator can intervene manually.
Presentation layer: The presentation layer is the top layer of the R/3 SAP Basis system and includes communication with the user.