SP01 Output control: spool requests
SAP Basis essentially consists of the three classic software layers:
The SAP NetWeaver Application Server Add-on for Code Vulnerability Analysis tool, also known as Code Vulnearability Analyzer (CVA), is a tool that performs a static analysis of user-defined ABAP source code to detect possible security risks. The tool is available in the NetWeaver ABAP stack and is based on versions from: 7.0 NetWeaver: in EHP2 SP 14 or higher / 7.0 NetWeaver: in EHP3 SP 09 or higher / 7.3 NetWeaver: in EHP1 SP 09 or higher / 7.4 NetWeaver: in SP05 or higher To use the CVA tool, the execution of system-wide security controls must be enabled with the RSLIN_SEC_LICENSE_SETUP report. Afterwards, the security checks are available in standard ABAP code checking tools such as ABAP Test Cockpit (ATC) or Code Inspector (SCI). The option of these checks is usually referred to as "security analysis in extended program check". Note that the use of the security check feature for custom code separation is licensed and incurs additional costs. The older program that has been around for years is Virtual Forge's "Code Profiler". It is one of the first products in this segment of SAP security and was used by SAP itself for many years. It is very comprehensive and is also able to track individual variables across the entire control flow. This leads to very precise statements and a reduction of false positives.
SAP administrators are present wherever SAP systems are used. This now applies to many industries and corporate divisions. SAP systems can be found in the areas of accounting, cost accounting, activity-based costing and controlling. In all of these areas, they ensure smooth operation and further development, helping the company to make internal processes more efficient and thus save costs and resources.
PFCGMASSVAL Mass maintenance of authorization values
In order to reduce the variety of different system variations and the related variety of routine tasks, it is necessary to reduce the number of customer specifications. In particular, the implementation, set-up and configuration of the systems and security concepts must be harmonised or returned to the SAP standard. To this end, it is necessary to establish, in cooperation with the relevant IT departments, a standard for, for example, operating systems and databases within the limits set by the product.
In the ERP environment, SAP has created a separate module for each business task area over the course of time. Companies have the option of putting together a suitable system from these modules, depending on their individual needs.
For administrators, a useful product - "Shortcut for SAP Systems" - is available in the SAP basis area.
In the example shown above, I assign the "findepartment_r" role as an example the "F-02" transaction authorisation.
There are several ways to introduce and operate new applications.