The first and only integrated Platform for SAP

SecurityBridge: the first and only holistic, natively integrated security platform, addressing all aspects needed to protect organizations running SAP from internal and external threats against their core business applications.

In one seamless platform all SAP vulnerabilities and risks can be identified and mitigation action can be taken.

Read more to learn what we have included in the recent release 4.75. 

Summary

On July 29th 2020 a new release of SecurityBridge was made available for our subscribers.  The release (version 4.75)  includes new features and enhancements to the current security controls.

Highlight

Security Rating

Security & Compliance Management

The central component of SecurityBridge for SAP vulnerability management is the Security & Compliance Management application. It helps organizations to assess the complexity of SAP’s security settings throughout the entire landscape controlled from a central location. In Version 4.75, we enhanced the System view with additional metrics.

The system result view now lists the executed checks by result, directly on the page header. We introduced a 5-Star rating system allowing customers to compare the security rating across systems. 

And if this wouldn’t be enough, a security level indicator has been added to the right part of the header. The indicator shows the security level per Area of Responsibility.

Highlight

Real-time knowledgebase integration

SecurityBridge Platform

An essential advantage for defenders in their fight against cyberattacks can be leveraged through efficient information management.  Defenders have a need to know about risks, new configuration settings, and potential vulnerabilities residing in SAP’s vast product portfolio. We understand that in your role as a defender, you need up-to-date information directly within any solution, without the need of a software update. As a result of this understanding we are introducing real-time knowledge base integration. Any update applied to our online service portal is instantly available within all SecurityBridge applications.

Highlight

SAP HANA Database

Adding 7 new Security Checks to the SAP in-memory database

Enterprises transform their business quickly and effectively using S/4 HANA or only the in-memory database SAP HANA. New technologies also introduce new security challenges. 

In this release, we enhance the existing security checks with 7 new configuration and compliance checks in following areas:

Highlight

Application Icons

Fiori Apps

SAP Fiori applications have introduced a new way of working. Compared to old-fashioned standard applications, the user experience has undergone a significant transformation.

End-users have become more efficient, and love the intuitive interface. One aspect of the new user experience is a unique but unified user interface. SAP Fiori allows developers to create very customized UI’s while the handling will remains unchanged. 

All Fiori Apps provided by the SecurityBridge platform received a new and harmonized icon.

... and more

Detection Pattern updates

after recent SAP Patch Day's

Identification patterns for vulnerabilities published by SAP Patch Day in June and July (including detection for CVE-2020-6287 (Mulitple Vulnerabilities in NetWeaver AS JavA)) are included within our latest SecurityBridge release.

Learn more about SecurityBridge here

Find recent Security Advisories for SAP©
SAP Patchday
On 8th of September 2020, SAP Security Patch Day saw the release of 10 new Security Notes. There were 6 updates to previously released Security Notes. We strongly recommend to carefully revisit the September release as critical vulnerabilities have been resolved.
SAP Patchday
Despite the holiday season the SAP Security Response team remains very active as we see with the August patch day. On 11th of August 2020 15 new Security Notes have been released. There was 1 updated to the CVSS-10 vulnerability already released last month.