TOPICS
The subject area of SAP security is broad. In addition to a holistic approach that builds bridges, we also try to provide you with a lot of information.
On this page, you will find an overview of topics. If you have any questions about the topics or our products, please do not hesitate to contact us.
- Security News
The Art of SAP Security
100% security just doesn’t exist. Any security measures taken will not be perfect, ever, and will require continuous adjustment. Ignoring security for SAP is not an option, it’s merely applying due diligence to any company’s most valuable, and essential core business.
- Security News
Why normalize and automate SAP audits?
Auditors are digging into SAP in more detail, asking questions about the secure configuration of SAP and the use of critical standard profiles, beyond the known SAP_ALL authorization profile.
- Security News
Interfaces a major concern for SAP S4/HANA transformations
SAP S4/HANA is the latest generation of SAP Business Application based on the HANA database. May organizations are in the migration or planning to perform a migration to SAP S4/HANA. The prerequisite for an effective S4/HANA migration phase is a clean and well-prepared environment.
- Security News
IBM QRadar Security Intelligence
IBM QRadar provides an adapter for the distinct purpose of connecting with RESTful APIs. Using SecurityBridge you can turn your SAP instances into a smart security event provider to turn the enterprise-critical application into a white box for your SOC team.
- Security News
The asymmetry between attackers and defenders
Complex, enterprise-critical systems, are not secure by design, and by default. Defenders must put in an effort, usually manual, to maintain and build a secure configuration. Once accomplished, the security posture needs to be maintained, continuously and long-term, while the system is subject to frequent change and version updates.
- Security News
3 Reasons to start monitoring SAP
There appears to be a new trend for companies to centralize their log sources into Security Information and Event Management (SIEM) solutions. The time has come to look at SAP. This article explains why.
- Security News
Virtual patching – especially attractive to SAP customers?
SAP systems belong to the companies’ critical infrastructures, no doubt. Yet, enterprises struggle with the timely implementation of patches. Within this article, we provide a deep-dive into the challenges that let you remember how patching SAP NetWeaver application works.
- Security News
Why CISA strongly recommends monitoring SAP?
The Cybersecurity and Infrastructure Security Agency (CISA) strongly recommends organizations immediately apply patches, and in situations where patches cannot be applied, CISA recommends “closely monitoring your SAP NetWeaver AS for anomalous activity”.
- Security News
The week after SAP RECON
[CVE-2020-6287]
SAP Patch Day July 2020 shocked the customer community of SAP SE. Although everyone assumed that zero-days with a high-risk potential of exploitation exist, the recent Patch Day has delivered evidence. Read more to understand what you should do as the next best action to protect your enterprise.
Latest Resources
- White Paper
Your Road to SAP Security
Download the White Paper "YOUR ROAD TO SAP SECURITY" to learn about the major milestones towards increasing the cybersecurity posture of your SAP systems.
- White Paper
Top mistakes to avoid in SAP security
Within this whitepaper you will learn about the key mistakes that can be avoided when it comes to SAP Security. History has shown that many companies have suffered from cyber incidents, moreover, not all incidents are reported or have been made available to the public.
- Report
SAP Security Product Comparison Report 2019
Download the SAP Security Product Comparison Report (2019) and understand that holistic security for SAP can be delivered by a single solution.
- Video
How remote working affects your SAP security posture
In our webinar on May 7th, we showcased a potential attack on an SAP system, using techniques which are common tools among hackers. Using a password spray attack, we first tried to gain access to the system and subsequently extracted the password hashes of all users.