Partner News
SecurityBridge Expands U.S. Partnerships With Taciti Consulting
SecurityBridge Expands U S Partnerships With Taciti Consulting Alliance
Combined Efforts Streamline SAP S 4HANA Transformations and Secure SAP Ecosystem
Prerequisites for an AI-driven SAP Security – Part 1: Patching
Reducing attack surface is key
Ideally, the SAP Security team is ahead of the potential threat by continuously hardening the SAP system. Therefore, reducing the attack surface of an SAP system through hardening is a prerequisite for any AI-driven SAP Security approach.
The attack surface is the sum of all possible entry points or attack vectors, where an unauthorized attacker can access a system or application to extract data or manipulate sensitive information. The smaller the attack surface, the easier it is to protect. The SAP attack surface is by nature quite large, and reducing it means implementing various best practices, as mentioned in this article.
Patching helps reduce the attack surface
Among those best practices for hardening the system and reducing its attack surface, the mitigation of known vulnerabilities is one of the most straightforward tasks to start with. Every month, SAP releases patches for known vulnerabilities in SAP systems. Understanding their severity, their impact on your SAP landscape and their relevance to a specific system is key for efficient and short-term system patching. Therefore, SecurityBridge helps customers with a guided approach to balance between patch severity and implementation effort within the relevant patches for a specific SAP system. This allows customers to burn down their SAP patch implementation backlog efficiently and fast.
Automation and live recommendations allow efficient patching
Automating the implementation of SAP notes and patches is an additional way to increase the efficiency of this process in the customer’s organization. While this is obvious from a high-level perspective, SAP Security experts know how complex and heterogeneous the SAP patch management topic is. This makes automation very challenging. Nevertheless, SecurityBridge is also innovating in this area of SAP Security by providing automated implementation for the majority of SAP Notes. Only patches without manual steps and are considered safe to be deployed in the target system are released through this automated procedure. SecurityBridge performs a special internal patch assessment to ensure safety in this case.
Following the principle of a guided approach, SecurityBridge helps customers with recommendations for each vulnerability finding and SAP patch, based on expert knowledge and feedback from our community. Every newly discovered vulnerability starts a race between attackers and defenders, who can only win by either implementing compensating controls or if available, installing the patch before the exploitation. As time is of the essence in this scenario, SecurityBridge provides live recommendation updates to all customers, so they can instantly benefit from the community feedback.
Interested to learn how we can help you adopt a mature SAP Patch Management and other best practices for further hardening your SAP landscape? Contact us and we will be happy to tell you more about our guided approach to SAP Security excellence. For more SAP security-related news, articles, and whitepapers, please follow us on LinkedIn!
Posted by
Holger Huegel
Find recent Security Advisories for SAP©
Looking into securing your SAP landscape? This white-paper tells you the “Top Mistakes to Avoid in SAP Security“. Download it now.
SAP Cybersecurity
Taking the Taboo out of S_TABU Authorization Objects
SAP Authorization Objects for SAP NetWeaver AS ABAP technologies are not just blockers They are the ENABLER of access
SAP Cybersecurity
5 Steps for Kick-starting Holistic SAP Security in 1 Day
SAP Security teams can kick start a comprehensive security platform and gain significant improvements already within a day What they need is a holistic platform
