TOPICS

The subject area of SAP security is broad. In addition to a holistic approach that builds bridges, we also try to provide you with a lot of information.
On this page, you will find an overview of topics. If you have any questions about the topics or our products, please do not hesitate to contact us.

Interview with Branden Newman after 6 months on the Board of Advisors

Transformational cybersecurity expert Branden Newman was appointed to the board of advisors at SecurityBridge and recaps on his experience after the first six months.

The Art of SAP Security

100% security just doesn’t exist. Any security measures taken will not be perfect, ever, and will require continuous adjustment. Ignoring security for SAP is not an option, it’s merely applying due diligence to any company’s most valuable, and essential core business.

Why normalize and automate SAP audits?

Auditors are digging into SAP in more detail, asking questions about the secure configuration of SAP and the use of critical standard profiles, beyond the known SAP_ALL authorization profile.

Interfaces a major concern for SAP S4/HANA transformations

SAP S4/HANA is the latest generation of SAP Business Application based on the HANA database. May organizations are in the migration or planning to perform a migration to SAP S4/HANA. The prerequisite for an effective S4/HANA migration phase is a clean and well-prepared environment.

IBM QRadar Security Intelligence​

IBM QRadar provides an adapter for the distinct purpose of connecting with RESTful APIs. Using SecurityBridge you can turn your SAP instances into a smart security event provider to turn the enterprise-critical application into a white box for your SOC team.

The asymmetry between attackers and defenders

Complex, enterprise-critical systems, are not secure by design, and by default. Defenders must put in an effort, usually manual, to maintain and build a secure configuration. Once accomplished, the security posture needs to be maintained, continuously and long-term, while the system is subject to frequent change and version updates.

3 Reasons to start monitoring SAP

There appears to be a new trend for companies to centralize their log sources into Security Information and Event Management (SIEM) solutions. The time has come to look at SAP. This article explains why.

Virtual patching – especially attractive to SAP customers?

SAP systems belong to the companies’ critical infrastructures, no doubt. Yet, enterprises struggle with the timely implementation of patches. Within this article, we provide a deep-dive into the challenges that let you remember how patching SAP NetWeaver application works.

Why CISA strongly recommends monitoring SAP?

The Cybersecurity and Infrastructure Security Agency (CISA) strongly recommends organizations immediately apply patches, and in situations where patches cannot be applied, CISA recommends “closely monitoring your SAP NetWeaver AS for anomalous activity”.

The week after SAP RECON
[CVE-2020-6287]

SAP Patch Day July 2020 shocked the customer community of SAP SE. Although everyone assumed that zero-days with a high-risk potential of exploitation exist, the recent Patch Day has delivered evidence. Read more to understand what you should do as the next best action to protect your enterprise.

Latest Resources

Your Road to SAP Security

Download the White Paper "YOUR ROAD TO SAP SECURITY" to learn about the major milestones towards increasing the cybersecurity posture of your SAP systems.

Top mistakes to avoid in SAP security

Within this whitepaper you will learn about the key mistakes that can be avoided when it comes to SAP Security. History has shown that many companies have suffered from cyber incidents, moreover, not all incidents are reported or have been made available to the public.

SAP Security Product Comparison Report 2019

Download the SAP Security Product Comparison Report (2019) and understand that holistic security for SAP can be delivered by a single solution.

How remote working affects your SAP security posture

In our webinar on May 7th, we showcased a potential attack on an SAP system, using techniques which are common tools among hackers. Using a password spray attack, we first tried to gain access to the system and subsequently extracted the password hashes of all users.