Release 2211

8 November 2022
[FEATURE] Check template: New SAP security baseline v2.3 (Dec 2021 excl. SAP BTP)
[FEATURE] Check: New AT-AA-0077-01: Users with extens. rights for trusted connections (S_RFCACL)
[FEATURE] Check: New AT-GA-0017-01: Auth. obj S_START must be active to secure ABAP WebDynpro
[FEATURE] Check: New CF-AR-0001-01: All Generic App Access Rules (SLDW) scenarios must be active
[FEATURE] Check: New CF-RF-0009-01: UCON HTTP active allowlists
[FEATURE] Check: New CF-OS-0020-01: Windows GUEST account lock status
[FEATURE] Check: New CF-OS-0023-01: SAPService & SAPADM account not in local Administrators
[FEATURE] Check: New CF-OS-0029-01: ADM and SAPADM account must not have root permissions
[FEATURE] Check: New CF-OS-0029-07: ADM and SAPADM account must not have root permissions
[FEATURE] Check: New CF-DC-0055-01: Are HANA audit policies activated
[FEATURE] Check: New CF-DC-0056-01: Non-technical users without password lifetime check
[FEATURE] Check: New CF-GC-0028-01: VERSION=2 syntax in the secinfo file
[FEATURE] Check: New CF-GC-0029-01: VERSION=2 syntax in the reginfo file
[FEATURE] Check: New CF-DC-0058-01: Are customizable functionalities for databases limited
[FEATURE] Check: New CF-MC-0008-09: Msg. Server - Internal port ACL file existence
[FEATURE] Check: New CF-MC-0009-09: Msg. Server - Admin port ACL file existence
[FEATURE] Check: New CF-MC-0010-09: Msg. Server - External port ACL file existence
[FEATURE] Check: New CF-MC-0011-09: Msg. Server - External bnd port ACL file existence
[FEATURE] Check: New security notes checks
[FEATURE] Report: Option to delete a scan
[FEATURE] Report: Option to delete a connection map
[FEATURE] Report: Option to delete mitigation results of SAP notes
[FIX] Check: AT-AA-0077-01: Changed the authorization object fields to a correct wildcard
[FIX] Check: CF-MC-0008-09: Update of the permissions and ownership parameters
[FIX] Check: CF-MC-0009-09: Update of the permissions and ownership parameters
[FIX] Check: CF-MC-0010-09: Update of the permissions and ownership parameters
[FIX] Check: CF-MC-0011-09: Update of the permissions and ownership parameters
[FIX] System Context: ABAP parameters longer than 60 characters are not truncated anymore
[FIX] Report: The title in check overview and check result will now display the correct time
[FIX] Authorization: The Protect4S VM authorization roles have been improved