SAP Security Patch Day – September 2024
Many ‘Medium’ to ‘Low’ priority notes. The September release contains a total of 19 patches for the severities illustrated as follows.
When looking at a large and complex SAP landscape, some might think that implementing an effective security posture for such an environment is a big and long-term project. We see a lot of tools in the market that provide security for SAP as a service and show results within a day or less.
However, this quick implementation turnaround often comes with a limited scope of monitoring standard SAP logs and mainly processing easily accessible APIs. Unfortunately, raw SAP logs are difficult to understand and require a lot of additional information from the depths of an SAP technology stack to translate them into decision-enabling event messages. Additionally, SAP teams must be aware that SAP Security is not just about monitoring but also entails system hardening through patching, secure configurations and custom coding.
We at SecurityBridge believe that only an SAP Security approach that covers all necessary topics gives SAP teams the mandatory response capabilities to current cyberattacks. Such an approach might require additional organizational and process changes which take time. However, SAP Security teams can kick-start a comprehensive security platform and gain significant improvements already within a day. What they need is a holistic platform and a guided approach to SAP Security.
This is an important initial step that is often forgotten. Even with the best SIEM tools, you need to know what to do in case of an event and the recommended mitigations. It is challenging for SAP administrators to be on top of all kinds of SAP Security-related insights, but an up-to-date SAP Security Knowledge Base puts them in the driver’s seat.
We put everything we know about SAP Security into a common Online Knowledge Base that is accessible to all our customers. The SecurityBridge Platform runs onsite, allowing customers to leverage information from the Knowledge Base, thus making it easier for users to find what they are looking for.
Whether your SAP Security monitoring is rule-based or AI-based, its foundation is always a full set of expertise. The difference lies in the way it is turned into an automated monitoring solution. With this, you can be sure that you are always alerted in case of a cyberattack, enabling you to focus on your daily tasks within SAP Operations.
The SecurityBridge Threat Detection has hundreds of configured and active out-of-the-box listeners to detect known attack vectors and malicious activities. In addition, it leverages an anomaly detection engine to identify more sophisticated threats and receives instant updates from the SecurityBridge Cloud for new critical SAP vulnerabilities.
Most cyberattacks misuse highjacked user accounts to get access to the SAP system. The easiest way to detect this misuse is to inform the account owner whenever application logins are performed from other devices or IP addresses different from the usual ones. This is common practice in all cloud services to protect user accounts, so why not leverage the same approach for SAP?
The SecurityBridge Identity Protection uses an automated self-learning approach to create user profiles with valid accounts and access points. Whenever a new endpoint or client device is used, the SAP user is notified and can respond in the event of a malicious attempt. The SecurityBridge action framework can then trigger automated mitigation steps, such as temporarily blocking the account.
Ideally, it comprises all SAP Security topics, including not only the monitoring status but also the system vulnerability rating, the patching status of landscapes, and a summary of critical code vulnerabilities in your custom applications. Such a dashboard keeps SAP administrators on top of the security issues in their landscape and is the starting point for detailed analyses, forensics, and mitigating actions.
Our Security Dashboard for SAP provides out-of-the-box widgets for all SAP Security topics covered by the SecurityBridge Platform. Customers can adapt these widgets, filter the data, and structure the views they need for the various SOC roles. All widgets provide access to the Platform module designed for a specific topic, where users can perform further investigations.
Only SAP Security teams that have an automated security shield around their SAP environment, are on top of their SAP Security posture state, and have access to a comprehensive SAP Security Knowledge Base, have the capacity to continuously harden their systems. However, as there are thousands of settings, having a list of those that matter most and are easy to fix is a very efficient way to improve the overall resistance of SAP systems to cyberattacks.
The SecurityBridge compliance checks provide not only the exploitation risk of a vulnerability but also the resolution complexity associated with it. The built-in Security & Compliance roadmap leverages this information to create a sorted, always up-to-date list for the most efficient remediation approach. Critical issues that are easy to solve are on top of this list. In addition, trend reports automatically show the progress of the hardening work.
Are you interested in learning how we can help you adopt an All-in-One Security Platform for SAP and kick-start your process to a mature SAP Security posture?
Contact us and we will be happy to tell you more about our guided approach to SAP Security excellence. For more SAP security-related news, articles, and whitepapers, please follow us on LinkedIn!
Posted by
Find recent Security Advisories for SAP©
Looking into securing your SAP landscape? This white-paper tells you the “Top Mistakes to Avoid in SAP Security“. Download it now.
Many ‘Medium’ to ‘Low’ priority notes. The September release contains a total of 19 patches for the severities illustrated as follows.
SAP Cloud Identity Access Governance (IAG): An Introduction to Best Practices SAP Cloud Identity Access Governance (IAG) enables organizations to manage user access and compliance
Join industry leaders for a one-day event in Madrid to explore SAP security solutions and fortify your enterprise against evolving threats.