Session Security Protection
To increase security and prevent access to the SAP logon ticket and security session cookies, activate secure session management.
Session Security Protection on the SAP NetWeaver Application Server for Java
On the SAP NetWeaver Application Server for Java, set the HTTP provider properties as described in Session Security Protection on the SAP Help Portal.
XSRF Protection
SAP Landscape Management uses Cross-Site Request Forgery (CXRF/XSRF) tokens to access the HTTP-based interfaces as described in XSRF Protection for REST Services on the SAP Help Portal.