TOPICS

The subject area of SAP security is broad. In addition to a holistic approach that builds bridges, we also try to provide you with a lot of information.
On this page, you will find an overview of topics. If you have any questions about the topics or our products, please do not hesitate to contact us.

Demystify ransomware in the context of SAP

To demystify ransomware in the context of SAP we need to look at the attack scenario. While traditional ransomware hits the victim on the operating system level, the SAP technology stack is only impacted if the server platform was successfully attacked.

Efficient Patch Management for SAP

Applying security updates is a very effective protection against successful cyberattacks. Unfortunately, SAP patching is essential but time-consuming, and keeping a system unpatched is like sending an open invitation to threat actors.

Cross-layered detection and response (XDR) for SAP

In this article, we want to share our thoughts on the meaning of cross-layered detection and response and elaborate on why we think it’s an important step to maturity for IT-Security.

Interview with Branden Newman after 6 months on the Board of Advisors

Transformational cybersecurity expert Branden Newman was appointed to the board of advisors at SecurityBridge and recaps on his experience after the first six months.

The Art of SAP Security

100% security just doesn’t exist. Any security measures taken will not be perfect, ever, and will require continuous adjustment. Ignoring security for SAP is not an option, it’s merely applying due diligence to any company’s most valuable, and essential core business.

Why normalize and automate SAP audits?

Auditors are digging into SAP in more detail, asking questions about the secure configuration of SAP and the use of critical standard profiles, beyond the known SAP_ALL authorization profile.

Interfaces a major concern for SAP S4/HANA transformations

SAP S4/HANA is the latest generation of SAP Business Application based on the HANA database. May organizations are in the migration or planning to perform a migration to SAP S4/HANA. The prerequisite for an effective S4/HANA migration phase is a clean and well-prepared environment.

IBM QRadar Security Intelligence​

IBM QRadar provides an adapter for the distinct purpose of connecting with RESTful APIs. Using SecurityBridge you can turn your SAP instances into a smart security event provider to turn the enterprise-critical application into a white box for your SOC team.

The asymmetry between attackers and defenders

Complex, enterprise-critical systems, are not secure by design, and by default. Defenders must put in an effort, usually manual, to maintain and build a secure configuration. Once accomplished, the security posture needs to be maintained, continuously and long-term, while the system is subject to frequent change and version updates.

3 Reasons to start monitoring SAP

There appears to be a new trend for companies to centralize their log sources into Security Information and Event Management (SIEM) solutions. The time has come to look at SAP. This article explains why.

Latest Resources

Your Road to SAP Security

Download the White Paper "YOUR ROAD TO SAP SECURITY" to learn about the major milestones towards increasing the cybersecurity posture of your SAP systems.

Top mistakes to avoid in SAP security

Within this whitepaper you will learn about the key mistakes that can be avoided when it comes to SAP Security. History has shown that many companies have suffered from cyber incidents, moreover, not all incidents are reported or have been made available to the public.

SAP Security Product Comparison Report

Download the SAP Security Product Comparison Report and understand that holistic security for SAP can be delivered by a single solution.

How remote working affects your SAP security posture

In our webinar on May 7th, we showcased a potential attack on an SAP system, using techniques which are common tools among hackers. Using a password spray attack, we first tried to gain access to the system and subsequently extracted the password hashes of all users.