Skip to content

TOPICS

The subject area of SAP security is broad. In addition to a holistic approach that builds bridges, we also try to provide you with a lot of information.
On this page, you will find an overview of topics. If you have any questions about the topics or our products, please do not hesitate to contact us.

What is the SAP cyber risk appetite?

Businesses must be more cautious to protect themselves from cyber threats as digitalization and the use of SAP systems increase. SAP S/4HANA is critical for many enterprises as it provides the foundation for business operations. As digitalization and Industry 4.0 continue to increase, SAP S/4HANA lays the foundation for many modern business scenarios. SAP systems are important for many industries and their security is a major concern, making them vulnerable to cyber attackers. This article will discuss cyber risks and how you can assess your individual and organizational SAP systems' risks. What are cyber risks?

The three most common types of SAP Patches

Installing SAP patches is crucial for maintaining a robust and secure enterprise resource planning (ERP) system. SAP, one of the leading ERP systems in the world, is constantly evolving to meet the changing needs of businesses. As a result, SAP releases various patches to address issues and enhance the functionality of its software. However, installing SAP patches can present challenges for IT teams, such as ensuring minimal disruption to business operations, managing risks, and testing the non-implemented patches. This article will discuss the three most common types of SAP patches- kernel patches, snote patches, and support packs - and the best practices for installing them.

5 Tips to ensure SAP Interfaces are secure

In this blog article, we will explore the importance of SAP interface security and discuss the various measures businesses can take to protect their systems and data. We will also examine some common threats to SAP interfaces and how to mitigate them. To safeguard your business, you need to understand the importance of SAP interface security and take steps to make your interfaces secure. 

SecurityBridge at the DSAG Technologietage 2023

SecurityBridge will be attending the DSAG Technologietage 2023 from March 22nd-23rd at the Congress Center Rosengarten in Mannheim.

Meet us at SAPinsider Las Vegas 2023

March 20-23: SecurityBridge will be attending SAPInsider 2023 in Las Vegas. Come meet us and learn more about SAP Security.

Game changer: Managed SAP Security Services

Many companies have recognized the need for SAP cybersecurity, but many have also realized that they cannot accomplish this alone. There are many reasons for this. It can be due to the internal teams' workload or due to the employee's level of knowledge. However, there is a solution that neither burdens your internal staff nor demands additional knowledge. A specialized managed SAP Security Service allows you to harden mission-critical systems, detect and promptly counteract non-compliance, and implement monitoring with accurate anomaly detection.

IT-SiG 2.0 – Angriffserkennung für SAP ab 1. Mai 2023 ein muss 

Viele unserer Leserinnen und Leser erinnern sich noch an den 25. Mai 2018, Stichtag der bindenden Einführung der Datenschutzgrundverordnung, kurz DSGVO. Verstöße gegen die neue Regelung können seitdem zu drakonischen Strafen führen. Nun steht, zumindest für diejenigen Unternehmen, die zur kritischen Infrastruktur (KRITIS) von Deutschland zählen, ein ähnlicher Termin ins Haus. Am 1. Mai 2023 müssen betroffene Unternehmen ein System zur Angriffserkennung eingeführt haben.

External vs. Internal SAP Cybersecurity Risks: The differences

Recently, we gave an insight into the known SAP attackers in our blog. Of course, it can already be deduced from this that there are internal and external SAP attackers. That is why today, we want to look at this from an SAP cybersecurity risk perspective.

SAP Business Technology Platform (SAP BTP) Security Considerations

Certainly, inspired by the many conversations we had at this year's DSAG Annual Congress 2022, it is time to give some insights into the SAP Business Technology Platform. As a software vendor with a core focus on SAP security, it is our job to look at the security concerns of new SAP technology. Our approach is to understand our customers' concerns and integrate effective and efficient solutions into our cybersecurity solution for SAP. The SAP Business Technology Platform is the talk of the town and seems to be SAP's new winning concept.

The difference between SAP Patch Management and Vulnerability Management

Believe it or not, I've probably attended more customer meetings in 2022 than ever before. And the question about the difference between SAP Patch Management and SAP Vulnerability Management keeps appearing. To give a conclusively answer, we need to take a closer look at the two separate areas.

Latest Resources

Which cybersecurity framework is the best fit for SAP application security?

Download the White Paper "Which cybersecurity framework is the best fit for SAP application security?" to learn more about the available frameworks, the challenges when adopting a framework, and more.

Your Road to SAP Security

Download the White Paper "YOUR ROAD TO SAP SECURITY" to learn about the major milestones towards increasing the cybersecurity posture of your SAP systems.

Top mistakes to avoid in SAP security

Within this whitepaper you will learn about the key mistakes that can be avoided when it comes to SAP Security. History has shown that many companies have suffered from cyber incidents, moreover, not all incidents are reported or have been made available to the public.

SAP Security Product Comparison Report

Download the SAP Security Product Comparison Report and understand that holistic security for SAP can be delivered by a single solution.

How remote working affects your SAP security posture

In our webinar on May 7th, we showcased a potential attack on an SAP system, using techniques which are common tools among hackers. Using a password spray attack, we first tried to gain access to the system and subsequently extracted the password hashes of all users.