abat's Blog
The knowledge of abat
Vulnerabilities in Legacy Applications: How to Systematically Secure Software Applications
Business-critical software applications have been running stably for years and therefore rarely become the focus of security initiatives. Yet the threat landscape has intensified: attacks are on the rise, and regulatory requirements such as NIS-2 and the Cyber Resilience Act are becoming more stringent. Those who focus solely on stable operation overlook creeping risks. Security hardening demonstrates how existing applications can be systematically secured without the need for new development.
Supply Chain Attacks on SAP: How to Protect Your Development Pipelines from “Mini Shai-Hulud”
Four official SAP NPM packages were compromised, and the malicious code executed during the npm install process, even before developers wrote a single line of code. The “Mini Shai-Hulud” campaign demonstrates just how sophisticated supply chain attacks on SAP environments have become. This article explains the attack methodology, the potential damage to your SAP infrastructure, and the DevSecOps measures you should take now.
Advanced Shipping and Receiving (ASR) – Between the future and practical application, a case study
Discover how SAP ASR is revolutionizing logistics! Our case study highlights the integration of warehousing and transportation in S/4HANA, outlines the benefits, and addresses the challenges. Learn why ASR is the future-proof solution for transparent end-to-end processes and how your company can benefit from it. A must-read for anyone looking to optimize their logistics!
SAP Joule in SuccessFactors: What really drives productivity today
SAP is making massive strides in AI within SuccessFactors with Joule. But which features are already delivering real productivity gains today, and which are still just promises? This article shows which HR processes can already be automated with Joule today, what technical requirements are necessary, and why now is the right time to act.
CSRD Drop-out 2026: What applies now
The EU Omnibus Initiative has exempted approximately 80 percent of the companies originally subject to the CSRD from direct compliance requirements. But those who stop now are making a mistake: Customers, banks, and employees continue to request ESG data—regardless of the law. This article explains what the CSRD drop-out really means, which reporting standards make sense now, and how abat supports a structured approach with ID-Report.
AI-powered phishing: Why SAP systems must become digital fortresses now
AI-powered phishing is becoming increasingly sophisticated and effective. When accounts are compromised, the internal security of SAP systems comes into sharp focus. Relying solely on firewalls and default security measures is no longer enough. Learn why specialized SAP penetration testing and proactive hardening are now essential for your cyber resilience.
Strategic Sovereignty: Sovereign Cloud Infrastructures for SAP in the Defense Sector
Cloud usage in the defense sector means no compromises on data sovereignty. With the SAP Sovereign Cloud together with the SAP Business Technology Platform (BTP), scalability and innovation can be combined with VS-NfD compliance, BSI baseline protection, and complete data control. This article explains how this is achieved and which four dimensions of sovereignty are crucial in this context.
SAP systems in the crosshairs: How SAP penetration tests ensure security in the defense industry
SAP systems are the backbone of the defense industry, but they are increasingly becoming the target of highly professional cyberattacks. Whether it's NIS-2 compliance or protecting defense secrets, conventional IT security is often not enough. Read our blog post to find out why specialized SAP penetration tests are essential for cyber resilience and national sovereignty. We show you how to uncover vulnerabilities in RFC interfaces and turn your SAP landscape into a fortress.
CSRD 2026: Postponement yes – all-clear no
The EU has rewritten the rules for sustainability reporting with the Corporate Sustainability Reporting Directive (CSRD). But shortly before the start of the second wave, the schedule was unexpectedly adjusted. The so-called Omnibus Package has postponed the deadlines for many companies and significantly raised the thresholds. However, anyone who now falls into a state of complacency is thinking too short-term. The requirements remain complex, data collection is challenging, and the strategic…
How can emissions accounting be achieved with excellent data?
A strong emissions balance starts with strong data that is precise, complete and clearly structured. Those who set up their GHG balance properly create transparency and establish the foundation for effective climate strategies. With modern tools like ID-Report, data quality and reporting processes can be significantly improved. This turns a demanding obligation into a real competitive advantage, today and in the future.