The first and only integrated Platform for SAP
Chapters
Share Article
SecurityBridge: the first and only holistic, natively integrated security platform, addressing all aspects needed to protect organizations running SAP from internal and external threats against their core business applications.
In one seamless platform all SAP vulnerabilities and risks can be identified and mitigation action can be taken.
Read more to learn what we have included in the recent release 4.75.
Summary
On July 29th 2020 a new release of SecurityBridge was made available for our subscribers. The release (version 4.75) includes new features and enhancements to the current security controls.
- Tight integration of SecurityBridge Code Vulnerability Analyser with SAP-ATC
- Incident & Response received a "Feed" section listing all relevant interactions
- Incidents can be created directly from the Incident & Response application
- Induction of an Incident Close dialog allowing additional documentation
- Security & Compliance Management can now start to start an audit run per system
- New detection patterns for NetWeaver AS Java
- All Fiori Apps have received a dedicated app-icon
- Threat detection monitor supports switching between local- and system time
- 7 new Security & Compliance Checks for S4/HANA systems have been released
- Detection pattern updates for SAP Patch Day - July'20
Highlight
Security Rating
Security & Compliance Management
The central component of SecurityBridge for SAP vulnerability management is the Security & Compliance Management application. It helps organizations to assess the complexity of SAP’s security settings throughout the entire landscape controlled from a central location. In Version 4.75, we enhanced the System view with additional metrics.
The system result view now lists the executed checks by result, directly on the page header. We introduced a 5-Star rating system allowing customers to compare the security rating across systems.
And if this wouldn’t be enough, a security level indicator has been added to the right part of the header. The indicator shows the security level per Area of Responsibility.
Highlight
Real-time knowledgebase integration
SecurityBridge Platform
An essential advantage for defenders in their fight against cyberattacks can be leveraged through efficient information management. Defenders have a need to know about risks, new configuration settings, and potential vulnerabilities residing in SAP’s vast product portfolio. We understand that in your role as a defender, you need up-to-date information directly within any solution, without the need of a software update. As a result of this understanding we are introducing real-time knowledge base integration. Any update applied to our online service portal is instantly available within all SecurityBridge applications.
Highlight
SAP HANA Database
Adding 7 new Security Checks to the SAP in-memory database
Enterprises transform their business quickly and effectively using S/4 HANA or only the in-memory database SAP HANA. New technologies also introduce new security challenges.
In this release, we enhance the existing security checks with 7 new configuration and compliance checks in following areas:
- HANA Password policy enforcement
- HANA Mulit-Tenant environments
- HANA Streaming Sever configuration
- HANA Application Function library
- HANA Default users
Highlight
Application Icons
Fiori Apps
SAP Fiori applications have introduced a new way of working. Compared to old-fashioned standard applications, the user experience has undergone a significant transformation.
End-users have become more efficient, and love the intuitive interface. One aspect of the new user experience is a unique but unified user interface. SAP Fiori allows developers to create very customized UI’s while the handling will remains unchanged.
All Fiori Apps provided by the SecurityBridge platform received a new and harmonized icon.
... and more
Detection Pattern updates
after recent SAP Patch Day's
Identification patterns for vulnerabilities published by SAP Patch Day in June and July (including detection for CVE-2020-6287 (Mulitple Vulnerabilities in NetWeaver AS JavA)) are included within our latest SecurityBridge release.
Learn more about SecurityBridge here…