Version 5.2
15 December 2020
[FEATURE] Check template: New SAP security baseline v2.2 (Oct 2020)
[FEATURE] Scan comparison: Added scan information in the header of the system column
[FEATURE] Check: New AT-GA-0012-01: SU53 buffer entries must not be too small
[FEATURE] Check: New AT-GA-0013-01: Switchable auth check framework scenarios must be active
[FEATURE] Check: New CF-KE-0006-01: Prevent memory dumps via parameter abap/rabax_no_debug
[FEATURE] Check: New CF-PP-0003-01: Prevent deletion of update requests
[FEATURE] Check: New CF-WD-0025-01: IP address must be set in headerfield x-forwarded-for
[FEATURE] Check: New CO-LP-0011-01: Is the logon timestamp specific enough
[FEATURE] Check: New CO-LP-0012-01: Check logon ticket caching mechanism
[FEATURE] Check: New CO-LP-0013-01: Check logon ticket caching max entries
[FEATURE] Check: New CO-LP-0014-01: Check login quiet mode must be enabled
[FEATURE] Check: New CO-LP-0051-01: SSO ticket: login/ticket_expiration_time must be restricted
[FEATURE] Check: New CO-LP-0055-01: SSO: Accepting of sso2 tickets
[FEATURE] Check: New CO-LP-0056-01: SSO: Creating of sso2 tickets
[FEATURE] Check: New CO-PP-0010-01: Abap pw: Password logon disabled when SSO is active
[FEATURE] Check: New CO-PP-0045-01: Security policy: DISABLE_PASSWORD_LOGON
[FEATURE] Check: New CO-PP-0046-01: Security policy: DISABLE_TICKET_LOGON
[FEATURE] Check: New CO-PP-0047-01: Security policy: PASSWORD_CHANGE_FOR_SSO
[FEATURE] Check: New CO-PP-0050-01: Check the exceptions user group allowed for password logon
[FEATURE] Check: New EN-PH-0002-01: Password hash algorithm: Used algorithm
[FEATURE] Check: New EN-PH-0003-01: Password hash algorithm: Number of iterations
[FEATURE] Check: New EN-PH-0004-01: Password hash algorithm: Saltsize
[FEATURE] Check: New IN-LO-0030-01: ABAP security log: Max diskspace per file
[FEATURE] Check: New IN-LO-0031-01: ABAP security log: Max diskspace per day
[FEATURE] Check: New IN-LO-0032-01: ABAP security log: Max diskspace local
[FEATURE] Check: New IN-LO-0033-01: Authorisation trace: Availability via auth/auth_user_trace
[FEATURE] Check: New IN-LO-0034-01: Authorisation trace: Availability auth/authorization_trace
[FEATURE] Check: New IN-LO-0035-01: Is the ICM Security logging correctly switched on
[FEATURE] Check: New IN-LO-0036-01: Is the ICM HTTP logging correctly switched on
[FEATURE] Check: New IN-LO-0037-01: Is the ICM HTTP CLIENT logging correctly switched on
[FEATURE] Check: New IN-LO-0038-01: Is the Message Server HTTP logging correctly switched on
[FEATURE] Check: New PM-KP-0008-01: Is CommonCryptoLib patch level recent
[FEATURE] Check: New security notes checks
[FIX] System context: The latest Linux Suse and Red Hat versions are determined with the new file format
Last updated