SQ01 Maintain SAP Query
In the age of digitisation, the wheel need not be reinvented. Certain functions are consumed or used by platforms only, without fully retaining the necessary infrastructure. In order to participate in this compared to competitors, it is necessary to introduce these technologies, to use them and to learn about their possibilities. Examples include the use of cloud services or applications in the IoT and big data environment.
By using a code scanner, it is now possible for every developer to scan for complex security patterns during the extended check of his program, which tell him whether he has built vulnerabilities into his program. These vulnerabilities are detected and can now be addressed in a workflow-driven process. Currently, there are two products that can support customers in the area of scanning their own SAP programs.
SE51 Screen Painter
If this parameter is exceeded by a process, the query is cancelled before it could be executed. Both parameters are limited by the parameter abap/heap_area_total. Of course, there are several other storage parameters that would exceed the scope of this article. You can read their function in the SAP documentation.
Customers with such a case regularly contact us. Creating a Permission Concept from the ground up is often a time-consuming task. Furthermore, the know-how, which aspects should be dealt with in an authorisation concept and how the corresponding processes can look practical and at the same time audit-proof is often lacking. Our solution: tool-based generation of an individual, written authorisation concept In this situation, we have recommended to our customers the tool-based generation of a written authorisation concept directly from the SAP system. We use the XAMS Security Architect tool, with which we have had good experiences. This includes a template for a revision-proof and comprehensible, written authorisation concept. It includes established best practices for role and entitlement management. The template covers all relevant areas in a permission concept. The included text of the authorisation concept is completely customisable, so that the concept can be tailored to your situation without creating a permission concept from scratch. Dynamically update the written authorisation concept One of the biggest challenges after the development of an authorisation concept is to keep it up to date in the long term and to measure the sustainable implementation in the system. This is achieved by integrating live data such as configuration settings and defined rules directly from the connected system. For example, lists of existing roles or user groups and tables are read from the system each time the document is generated and updated in the permission concept. The following screenshot shows an example of what the appearance in the concept document might look like. Automatically check and monitor compliance with the concept To check compliance with the concept, the XAMS Security Architect includes extensive inspection tools. These cover the rules formulated in the concept and are suitable for measuring the extent to which the reality in the system meets the requirements formulated in the concept.
Tools such as "Shortcut for SAP Systems" are extremely useful in basic administration.
You can use the SAP system's own login.
Afterwards you simply have to output the complete list via "Object > Output complete list".