PFCG Role maintenance
SYSTEM COPY
When it comes to outsourcing or outtasking SAP Basis services, we see ourselves as an experienced partner for ensuring that your SAP systems run smoothly. In addition to planning your future SAP deployment, we perform upgrades and configuration changes. We support you on-site and/or remotely in all SAP system management tasks to ensure the continuous availability of SAP applications.
The SAP NetWeaver Application Server Add-on for Code Vulnerability Analysis tool, also known as Code Vulnearability Analyzer (CVA), is a tool that performs a static analysis of user-defined ABAP source code to detect possible security risks. The tool is available in the NetWeaver ABAP stack and is based on versions from: 7.0 NetWeaver: in EHP2 SP 14 or higher / 7.0 NetWeaver: in EHP3 SP 09 or higher / 7.3 NetWeaver: in EHP1 SP 09 or higher / 7.4 NetWeaver: in SP05 or higher To use the CVA tool, the execution of system-wide security controls must be enabled with the RSLIN_SEC_LICENSE_SETUP report. Afterwards, the security checks are available in standard ABAP code checking tools such as ABAP Test Cockpit (ATC) or Code Inspector (SCI). The option of these checks is usually referred to as "security analysis in extended program check". Note that the use of the security check feature for custom code separation is licensed and incurs additional costs. The older program that has been around for years is Virtual Forge's "Code Profiler". It is one of the first products in this segment of SAP security and was used by SAP itself for many years. It is very comprehensive and is also able to track individual variables across the entire control flow. This leads to very precise statements and a reduction of false positives.
SE37 Function Builder
The identification of critical SAP permissions for the use of an SAP system must therefore be carried out in any case. In addition to permissions, you can also identify critical profiles and roles that are already in the delivery state.
Furthermore, the DISPLAY system variable must be set in order to start the TREX admin tool. Details and a guide to installing the tool can be found here: instguides → SAP NetWeaver → Released 04 → Installation → Cross-NW → Installation Guide Search and Classification TREX.
Tools such as "Shortcut for SAP Systems" complement missing functions in the SAP basis area.
This saves us a lot of time and ensures that no checks are overlooked when performing manually.
The Coupled process links the two strategies mentioned above.