SAP Platform Security: the Last Line of Defence

In today’s IT landscape, security plays a crucial role in minimizing risks for the business. Companies invest heavily in defensive measures to keep malicious parties outside their corporate networks. Typical security investments in the SAP space cover areas like:

  • Network security (Firewalls, IDS / IPS, Web Application Firewalls, etc)  
  • Operating System and Database security  
  • Endpoint and Interface Security  
  • SAP Authorizations and GRC 

All the above technologies are deployed to defend against malicious attacks, and while they certainly have their value, we still see daily headlines of organizations worldwide getting breached. This is not surprising, as there are numerous ways for malicious actors to gain access to corporate networks, like:  

  • Technical vulnerabilities in software (SAP alone released close to 200 SAP Security patches in the past 12 months)
  • Phishing or other social engineering attacks against your employees
  • Credential theft and the use of stolen accounts

Once an attacker has gained access to the corporate network, there is often not much standing between them and these business-critical SAP environments. SAP systems typically contain an organization’s crown jewels, like sensitive customer data, intellectual property, or financial data.

Traditional generic security solutions do not work on the SAP application layer, while SAP authorizations and GRC solutions only minimize risks once a malicious actor is already inside the SAP application.

Make it as hard as possible

The above stresses the importance of a last line of defence, specifically aimed at protecting the SAP application layer. For that reason, the SecurityBridge Platform was developed to detect attacks on the SAP application level and to proactively scan your SAP systems for critical misconfigurations, missing patches, authorization-related risks, critical system interfaces, custom code issues, and other vulnerabilities.

Our observation after more than a decade in this industry is that most SAP-driven organizations have a large backlog of SAP Security hardening and remediation activities to catch up on. This is often a tedious job, especially in the SAP world, with its own technologies and terminology and its large, highly complex system landscapes. The good news is that there are solutions available. The SecurityBridge Platform helps customers by automating most of these activities. It gives you the necessary and valuable insight into the holistic security status of your SAP systems. Mastering SAP Security has never been easier.

Are you interested in learning more? We are happy to tell you more about the unique SecurityBridge Platform capabilities. For more SAP security-related news, articles, and whitepapers, please follow us on LinkedIn or other social media platforms!

Posted by 

Joris van de Vis
