Is your SAP® system bullet-proof?

The Virtual Forge SAP® penetration test identifies risks in your SAP environment and helps you to mitigate them. That way you achieve better protection against cyber-attacks. Early testing helps you to reduce cost and save time.

An SAP penetration test  gives you an independent, comprehensive view of your currently implemented SAP security measures, it highlights risks and loopholes and proposes mitigation actions.

In our penetration testing, we focus in particular on the scenarios that threaten your SAP systems and applications at exposed interfaces. These comprise the traditional SAP solutions such as SAP E-Recruiting, but also increasingly cloud-based applications that come with new SAP platforms such as SuccessFactors, Ariba and SAP HANA and find more and more entry into the SAP landscape of your company. Our experts rely on known industry standards such as the BIZEC APP/11 and TEC/11 for SAP, OWASP Top 10, WASC, best practices of the SAP community for development and configuration, and of course our SAP expertise gained over the past 13 years.

Get a quote

The SAP penetration test at a glance

Short description



Security experts from Virtual Forge analyze the SAP system(s) and service(s) in scope for vulnerabilities due to

  • Insecure architecture
  • Insecure configuration
  • Insecure code

Manual analysis of a productive or QA System supported by automated analysis tools:

  • Grey-Box Penetration Test (application blackbox & whitebox)   
  • Network architecture of SAP system
  • One application penetration test
  • Automated analysis focused on SAP community best practice guides for coding and configuration
  • Complete custom ABAP code with CodeProfiler
  • Security configuration settings with SystemProfiler

Virtual Forge creates a comprehensive report containing:

  • Summary, including a prioritization of risks and recommendations for counter measures
  • Full Report of custom ABAP code analysis with CodeProfiler (Coverage: Security, Compliance, Data-Loss-Prevention)
  • Full Report of security configuration analysis with SystemProfiler (Coverage: SAP Basis, configuration, critical authorizations)
  • Demo Exploit Video

Any questions?

Do you have questions concerning the SAP penetration test or other ProfessionalServices?

Contact us

Cookies on the Virtual Forge website

To offer you the best possible service, Virtual Forge uses cookies to store information about your visit to our website. We also use the Facebook Pixel to learn more about how our website is used. Cookies thus enable us to measure the response to our marketing efforts on Facebook and find out how we could improve them. By using this website, you consent to our use of cookies.

Please click here to learn more about how cookies are used on this website. Here, you can also dissent to the use of cookies and adjust your browser’s settings accordingly.

I consent!