Check overview

The complete detailed list of checks that were executed during the scan may be accessed by pressing the "Check overview" button in the "Scan results" screen:

A list of checks is shown in the same tab. The list is sorted in descending order on the risk level column and in ascending order on the mitigation effort column.

The list may be sorted differently by the user by clicking on the column header. There are a number of display-related settings that may be changed by clicking on the "Display settings" icon.

The display type dropdown menu has 3 available list formats:

  • List: the default overview, a standard list without hierarchy levels

  • Tree: a hierarchical view containing the group and subgroup headers of all checks as well as the checks themselves

  • Group/Subgroup: a collapsible hierarchical view containing the group and subgroup headers

The Risk weighting factor may be changed to favor either Impact or Likelihood. When the slider is adjusted, the relative weights of the Impact and Likelihood values are changed, the Risk level is recalculated and the check overview is re-sorted.

The check result selection determines which checks will be shown in the list. For example, it is possible to view only the checks that passed by selecting "Pass".

All these user settings may be saved as a default setting. The next time the user accesses the check overview, these settings will be applied automatically.

You may find out why a certain check failed by selecting the display icon at the start of a record:

In the example above, a check was done to determine the SAP Standard users with known default passwords. The check failed because one such user (TMSADM) was found to exist in client 000 of the satellite system.

Check information

Each check is supplied with detailed information regarding its vulnerability, solution and references:

The check tab contains a description of the check and shows some of its properties: whether it is client-dependent or instance-dependent and which platform layer it belongs to.

Some checks may have parameter values (thresholds). The check parameters tab shows the reference value that was used in the execution of the check. In the example below, a check was made to determine whether the SAP parameter login/password_lng contained a value greater than or equal to 10:

The vulnerability tab contains a short description of the vulnerability:

The solution tab shows a proposed best practice to mitigate this specific risk:

The references tab shows links to relevant SAP OSS Notes and SAP Help pages:
