* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Monday, October 6, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    Charlie Hunnam Reflects on Playing a Serial Killer in Monster: The Ed Gein Story – Yahoo

    Charlie Hunnam Reveals the Dark Challenges of Playing a Serial Killer in Monster: The Ed Gein Story

    “Reba” cast, then and now: See the stars 24 years later (and who’s reunited for another show) – Yahoo

    “Reba” cast, then and now: See the stars 24 years later (and who’s reunited for another show) – Yahoo

    Why Taylor Swift Name-Dropped Elizabeth Taylor in Her New Album – Yahoo

    Here’s Why Taylor Swift Dropped Elizabeth Taylor’s Name in Her New Album

    Al Roker Gives Olivia Dean an Unexpected ‘New Job’ on the ‘Today’ Show – Yahoo

    Al Roker Shocks Olivia Dean with an Exciting New Role on the ‘Today’ Show

    Books about the arts and some haunts for a Denton October – Denton Record-Chronicle

    Uncover Artistic Treasures and Spooky Adventures to Experience in Denton This October

    Taylor Swift Releases New Album The Life of a Showgirl : Listen and Read the Full Credits – Yahoo

    Taylor Swift Releases New Album The Life of a Showgirl : Listen and Read the Full Credits – Yahoo

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Forget Cowbells. Cows Wear High-Tech Collars Now. – The New York Times

    Ditch the Cowbells: Discover the High-Tech Collars Transforming Cattle Care

    What the Recent Price Surge Means for Figure Technology Solutions After SEC Settlement – Yahoo Finance

    What the Recent Price Surge Reveals About Figure Technology Solutions Following SEC Settlement

    MAC Brings iPad Technology to Football Sidelines Across All 13 Member Schools – Sports Video Group

    MAC Brings iPad Technology to Football Sidelines Across All 13 Member Schools – Sports Video Group

    Technology Is Becoming More Important Than Humans In CX – No Jitter

    Technology Is Becoming More Important Than Humans In CX – No Jitter

    A Tech Expo Shows What China Can Make, but Not Who’ll Buy It All – The New York Times

    Inside China’s Tech Expo: Cutting-Edge Innovations Face Uncertain Demand

    Steampunk Metal Oval Technology Sense Sunglasses Personality Handmade Chain Multicolor Sunglasses UV400 – The San Joaquin Valley Sun

    Steampunk Metal Oval Sunglasses with Handmade Multicolor Chain – Bold UV400 Protection and Unique Style

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    Charlie Hunnam Reflects on Playing a Serial Killer in Monster: The Ed Gein Story – Yahoo

    Charlie Hunnam Reveals the Dark Challenges of Playing a Serial Killer in Monster: The Ed Gein Story

    “Reba” cast, then and now: See the stars 24 years later (and who’s reunited for another show) – Yahoo

    “Reba” cast, then and now: See the stars 24 years later (and who’s reunited for another show) – Yahoo

    Why Taylor Swift Name-Dropped Elizabeth Taylor in Her New Album – Yahoo

    Here’s Why Taylor Swift Dropped Elizabeth Taylor’s Name in Her New Album

    Al Roker Gives Olivia Dean an Unexpected ‘New Job’ on the ‘Today’ Show – Yahoo

    Al Roker Shocks Olivia Dean with an Exciting New Role on the ‘Today’ Show

    Books about the arts and some haunts for a Denton October – Denton Record-Chronicle

    Uncover Artistic Treasures and Spooky Adventures to Experience in Denton This October

    Taylor Swift Releases New Album The Life of a Showgirl : Listen and Read the Full Credits – Yahoo

    Taylor Swift Releases New Album The Life of a Showgirl : Listen and Read the Full Credits – Yahoo

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Forget Cowbells. Cows Wear High-Tech Collars Now. – The New York Times

    Ditch the Cowbells: Discover the High-Tech Collars Transforming Cattle Care

    What the Recent Price Surge Means for Figure Technology Solutions After SEC Settlement – Yahoo Finance

    What the Recent Price Surge Reveals About Figure Technology Solutions Following SEC Settlement

    MAC Brings iPad Technology to Football Sidelines Across All 13 Member Schools – Sports Video Group

    MAC Brings iPad Technology to Football Sidelines Across All 13 Member Schools – Sports Video Group

    Technology Is Becoming More Important Than Humans In CX – No Jitter

    Technology Is Becoming More Important Than Humans In CX – No Jitter

    A Tech Expo Shows What China Can Make, but Not Who’ll Buy It All – The New York Times

    Inside China’s Tech Expo: Cutting-Edge Innovations Face Uncertain Demand

    Steampunk Metal Oval Technology Sense Sunglasses Personality Handmade Chain Multicolor Sunglasses UV400 – The San Joaquin Valley Sun

    Steampunk Metal Oval Sunglasses with Handmade Multicolor Chain – Bold UV400 Protection and Unique Style

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Business

SAP security holes raise questions about the rush to AI

July 19, 2024
in Business
SAP security holes raise questions about the rush to AI
Share on FacebookShare on Twitter

Cloud security firm Wiz has published a detailed report about SAP security holes, now patched, that raises alarming questions about the secondary role AI efforts are having on cybersecurity defenses.

Cloud security firm Wiz has probed SAP defenses as part of its tenant isolation research on AI service providers, and on Wednesday published a lengthy list of shortcomings. SAP says that they fixed all of the problems before Wiz published.

Most deal with either a lack of meaningful segmentation or network components trusting other components without any authentication — a violation of the basic tenet of Zero Trust. Although AI played a minor role in the problems, some have pointed to the report as further evidence that the rush to GenAI deployments is undermining basic cybersecurity protections.

“We believe these (SAP) services are more susceptible to tenant isolation vulnerabilities because, by definition, they allow users to run AI models and applications – which is equivalent to executing arbitrary code,” the Wiz report said.

“As AI infrastructure is fast becoming a staple of many business environments, the implications of these attacks are becoming more and more significant. The AI training process requires access to vast amounts of sensitive customer data, which turns AI training services into attractive targets for attackers. SAP AI Core offers integrations with S/4HANA and other cloud services, to access customers’ internal data via cloud access keys. These credentials are highly sensitive.”

Alarming holes

Given how widely deployed SAP systems are within enterprises, and how integrated SAP is with so many other enterprise-level applications and cloud environments, Wiz said the holes were especially alarming.

“By executing arbitrary code, we were able move laterally and take over the service – gaining access to customers’ private files, along with credentials to customers’ cloud environments: AWS, Azure, SAP S/4HANA Cloud, and more,” the report said. “The vulnerabilities we found could have allowed attackers to access customers’ data and contaminate internal artifacts – spreading to related services and other customers’ environments.” 

The Wiz report noted that researchers were able to access and often able to modify Docker images on SAP internal container registry, SAP’s Docker images on Google Container Registry, and SAP’s internal Artifactory server. They also gained cluster administrator privileges on SAP AI Core’s Kubernetes cluster, as well as gaining full access to a variety of SAP customers’ cloud credentials and private AI artifacts.

Risks involved in the rush to AI

Analysts and industry AI specialists found little surprising in the findings, but did agree that this should be a stark reminder that AI deployments need to be carefully and strictly scrutinized and managed by CISO teams. 

“There is this rush to deploy (AI) and security is an afterthought until something bad happens,” said Michelle Abraham, the IDC senior research director for security and trust.

Vaibhav Malik, the architect leader at Cloudflare, said that although AI may not be the direct cause of the SAP holes that were discovered, the mechanisms needed for GenAI rollouts often undermine defenses. 

“The vulnerabilities discovered in SAP AI Core are unfortunately not surprising to me. In my experience working on enterprise AI initiatives, I’ve observed a concerning trend where the rapid adoption of AI technologies often outpaces the implementation of robust security measures,” Malik said. “The ability to run arbitrary code for AI model training inherently creates a complex isolation problem. Traditional sandboxing techniques often fall short in AI environments. I’ve seen multiple cases where seemingly isolated environments were compromised due to overlooked interconnections or misconfigurations.”

Malik also noted that the ability described in the Wiz report to poison artifacts or compromise internal registries “highlights a critical weakness in many AI pipelines. In my experience, securing the entire AI supply chain — from data ingestion to model deployment — is an area where many organizations have significant blind spots.”

Forrester Research reached similar conclusions. 

The Wiz report “is mostly comprised of issues related to configuration and infrastructure that could jeopardize data in any cloud instance of any type. Based on the writeup,  these are issues related to infrastructure configured or implemented improperly in SAP’s AI Core offering. As a result, this could impact cloud infrastructure and the data it houses,” said Jeff Pollard, Forrester VP and principal analyst.

 “The issues are real and correct,” he added. “Better isolation such as microsegmentation using Zero Trust, and better configurations and implementations would’ve prevented this.” 

Another consultant, Three Arc Advisory President Meghan Anzelc, said that CISOs need to focus on the intersection of technology between AI and cybersecurity.

“AI cybersecurity issues are a combination of different areas of expertise not partnering appropriately upfront,” Anzelc said. “Data scientists are typically curious and creative, and many have no understanding of information security or cybersecurity issues and best practices. At the same time, you have traditional IT architecture and InfoSec teams who may not have ever worked with data scientists before, and are struggling with their needs for large data volumes, access to a wide range of data sources, often including sensitive information.

“You also have executives pushing to move quickly on AI, sometimes at organizations that have no internal AI or data science expertise, sometimes at organizations that have no or limited expertise in the particular cloud services needed. It’s a tricky combination.”

SUBSCRIBE TO OUR NEWSLETTER

From our editors straight to your inbox

Get started by entering your email address below.

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : CIO – https://www.csoonline.com/article/2520751/sap-security-holes-raise-questions-about-the-rush-to-ai.html

Tags: businessholessecurity
Previous Post

Navigating the data management maze: How emerging tech and modern solutions are revolutionizing mainframe-to-cloud integration

Next Post

How Revolut’s creator strategy is benefitting from YouTube’s long-form swing

Air quality speed run – Washington State Department of Ecology (.gov)

Battling Pollution: Washington State’s Urgent Fight for Cleaner Air

October 6, 2025
Equity in science is a beautiful lie — and I’m done pretending – Nature

Equity in science is a beautiful lie — and I’m done pretending – Nature

October 6, 2025
Explore a bird database with 11,500 species – Popular Science

Explore an Incredible Bird Database Showcasing 11,500 Stunning Species

October 6, 2025
South Shore broker funded ‘extravagant lifestyle’ with $11.6 million taken from clients and colleagues, prosecutors say – Boston.com

South Shore broker funded ‘extravagant lifestyle’ with $11.6 million taken from clients and colleagues, prosecutors say – Boston.com

October 6, 2025
QRG Capital Management Inc. Purchases 9,519 Shares of Marvell Technology, Inc. $MRVL – MarketBeat

QRG Capital Management Takes Bold Step by Acquiring 9,519 Shares of Marvell Technology

October 6, 2025
Jaxson Dart, Cam Skattebo fumble away a Giant opportunity vs. Saints – Yahoo Sports

Jaxson Dart, Cam Skattebo fumble away a Giant opportunity vs. Saints – Yahoo Sports

October 6, 2025
‘The World Report’ of The Church of Jesus Christ of Latter-day Saints – KSL TV 5

Inside The World Report: Exploring the Impact of The Church of Jesus Christ of Latter-day Saints

October 6, 2025
Thai Airways Launches New Premium Economy on Flights From Most Visited City in the World – Aviation A2Z

Thai Airways Launches New Premium Economy on Flights From Most Visited City in the World – Aviation A2Z

October 6, 2025
Charlie Hunnam Reflects on Playing a Serial Killer in Monster: The Ed Gein Story – Yahoo

Charlie Hunnam Reveals the Dark Challenges of Playing a Serial Killer in Monster: The Ed Gein Story

October 6, 2025
Pre-rolls, education and industry optimism: Takeaways from Ohio Cannabis Health & Business Summit 2025 – Cleveland.com

Pre-rolls, Education, and Industry Optimism: Top Insights from the Ohio Cannabis Health & Business Summit 2025

October 6, 2025

Categories

Archives

October 2025
M T W T F S S
 12345
6789101112
13141516171819
20212223242526
2728293031  
« Sep    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (854)
  • Economy (874)
  • Entertainment (21,748)
  • General (17,441)
  • Health (9,916)
  • Lifestyle (887)
  • News (22,149)
  • People (876)
  • Politics (885)
  • Science (16,085)
  • Sports (21,375)
  • Technology (15,855)
  • World (857)

Recent News

Air quality speed run – Washington State Department of Ecology (.gov)

Battling Pollution: Washington State’s Urgent Fight for Cleaner Air

October 6, 2025
Equity in science is a beautiful lie — and I’m done pretending – Nature

Equity in science is a beautiful lie — and I’m done pretending – Nature

October 6, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version