1. In your opinion, what is the #1 tool to identify SAP systems exposed to the internet?
Best Answer: b. Google
For finding SAP systems connected to the internet, Google's advanced search operators are a very powerful tool.
Many SAP systems expose the full application URL to the internet, so asking Google for splash pages or login pages whose URLs contain well-known SAP path patterns reveals tens of thousands of SAP systems with zero effort. Combining search operators and search terms lets attackers narrow down their target list even further.
Examples:
Recommendation: Customers should implement URL rewriting so that no reference to SAP applications appears in external-facing URLs, including redirect targets, or in links within the HTML of web-facing SAP applications. The rewriting has to cover the response as well as the request: a proxy that only translates inbound paths still leaks the SAP paths through every link and redirect the backend emits.
Advanced Web Application Firewalls, or better still bowbridge Secure Web Dispatcher for SAP applications (targeted for release in Q3/2020), can perform those translations.
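To make the recommendation concrete, here is an added example of the translation layer a reverse proxy or WAF has to provide. It is illustrative code written for this page, not bowbridge's product or any vendor's rule set. The SAP paths on the right-hand side of the mapping (`/irj/portal/`, `/sap/bc/gui/sap/its/webgui/`, `/sap/bc/webdynpro/`) are standard SAP defaults; the public prefixes (`/portal/`, `/gui/`, `/apps/`), the host names and the sample response are constructed assumptions. Inbound requests are mapped from the public name to the SAP path (anything unmapped is refused, so the mapping doubles as an allowlist), outbound redirects and HTML link attributes are mapped back, and a final check flags SAP path fragments that still reach the client.

```python
"""URL masking for an SAP web stack, both directions plus a leak check.

Illustrative code, not bowbridge's product or any WAF vendor's rules.
Inbound:  public path -> SAP path      (to_internal)
Outbound: SAP path    -> public path   (to_external, rewrite_response)
Check:    leaked_markers() flags SAP path fragments left in a response.
"""
import posixpath
import re
from urllib.parse import urlsplit, urlunsplit

# Assumed host names (constructed for this example).
PUBLIC_HOST = "apps.example.com"
BACKEND_HOST = "sap-backend.internal:44300"

# Public prefix -> SAP backend prefix. Right-hand sides are standard SAP
# ICF/portal paths; the public names on the left are assumptions.
PATH_MAP = {
    "/portal/": "/irj/portal/",
    "/gui/": "/sap/bc/gui/sap/its/webgui/",
    "/apps/": "/sap/bc/webdynpro/",
}

# Path fragments that identify an SAP stack if they survive into a response.
SAP_MARKERS = ("/sap/bc/", "/irj/", "/nwbc", "/sap/public/")

# href/src/action attributes of server-rendered HTML. URLs assembled in
# JavaScript need a script-aware filter and are out of scope here.
ATTR_RE = re.compile(
    r'(?P<attr>\b(?:href|src|action)\s*=\s*)(?P<q>["\'])(?P<url>[^"\']*)(?P=q)',
    re.IGNORECASE,
)


def to_internal(path):
    """Map a public request path to the SAP path. None means 'no such route':
    the proxy should answer 404 instead of passing the path through, which
    also keeps unmapped ICF services unreachable from outside."""
    normalized = posixpath.normpath(path)  # collapse "." and ".." first
    if path.endswith("/") and not normalized.endswith("/"):
        normalized += "/"  # normpath drops a trailing slash; keep it
    for ext, internal in PATH_MAP.items():
        if normalized == ext.rstrip("/") or normalized.startswith(ext):
            return internal + normalized[len(ext):]
    return None


def to_external(path):
    """Map an SAP path back to its public name; longest internal prefix wins."""
    for ext, internal in sorted(PATH_MAP.items(), key=lambda kv: -len(kv[1])):
        if path.startswith(internal):
            return ext + path[len(internal):]
    return path


def rewrite_url(url):
    """Rewrite one absolute or site-relative URL. Links to other hosts pass
    through untouched; links to the backend host get the public host."""
    parts = urlsplit(url)
    if parts.netloc and parts.netloc != BACKEND_HOST:
        return url
    scheme = "https" if parts.netloc else ""
    netloc = PUBLIC_HOST if parts.netloc else ""
    return urlunsplit((scheme, netloc, to_external(parts.path), parts.query, parts.fragment))


def rewrite_response(headers, body):
    """Rewrite the Location header (redirects) and the HTML link attributes
    of a backend response. `headers` is a dict; returns (headers, body)."""
    new_headers = dict(headers)
    if "Location" in new_headers:
        new_headers["Location"] = rewrite_url(new_headers["Location"])
    new_body = ATTR_RE.sub(
        lambda m: m.group("attr") + m.group("q") + rewrite_url(m.group("url")) + m.group("q"),
        body,
    )
    return new_headers, new_body


def leaked_markers(body):
    """SAP path fragments still visible in a response body."""
    return [m for m in SAP_MARKERS if m in body]


# Constructed sample response, shaped like what an SAP backend might return.
SAMPLE_HEADERS = {"Location": "https://sap-backend.internal:44300/irj/portal/?NavigationTarget=x"}
SAMPLE_HTML = (
    '<form action="/sap/bc/gui/sap/its/webgui/?sap-client=100" method="post">'
    "<a href='https://sap-backend.internal:44300/irj/portal/'>Portal</a>"
    '<script src="/sap/bc/webdynpro/sap/zapp/script.js"></script>'
    '<a href="https://www.example.org/help">Help</a>'
)

if __name__ == "__main__":
    print("inbound  /gui/  ->", to_internal("/gui/"))
    print("inbound  /gui/../sap/public/info ->", to_internal("/gui/../sap/public/info"))
    hdrs, html = rewrite_response(SAMPLE_HEADERS, SAMPLE_HTML)
    print("Location ->", hdrs["Location"])
    print(html)
    print("leaks before:", leaked_markers(SAMPLE_HTML), "after:", leaked_markers(html))
```

Two caveats the example makes visible. First, path rewriting alone does not hide the stack: the rewritten form action still carries `sap-client=100`, and cookie names, the Server response header and page titles such as the portal's own branding identify SAP just as well to a search engine, so a real deployment has to mask those too. Second, the inbound mapping must run on the normalized path; the `/gui/../sap/public/info` case shows why, since an unnormalized prefix match would let a dot-dot segment escape the mapping into an ICF service that was never meant to be public.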