“SECURE TOGETHER” 2024 – Key Highlights and Innovations from Our co-hosted SAP Security Event in Rotterdam
On June 19, 2024, the premier SAP security customer event of the year returned to Rotterdam.
Held at the stunning venue of the Euromast, the occasion attracted over one hundred professionals from the SAP security community, marking a significant gathering of industry leaders and experts. It was organized and sponsored by Accenture, Bowbridge, Fortinet, and SecurityBridge. The SAP and NoMonkey teams also greatly contributed to its overall success with insightful presentations.
The event was named “Secure Together” to highlight the combined strength of multiple vendors and service providers, offering complete SAP Security coverage to our valued customers. The theme emphasized that we are stronger together, reinforcing the importance of close collaboration in securing SAP systems.
The main organizational contributions were made by our Sales Director Europe, Jaap van der Meer, and Accenture’s SAP security expert Tiede-Jan de Jong, whose support and expertise were instrumental in the event’s outstanding outcome.
Read on to discover the highlights of the day.
SecurityBridge shows AI use-cases
In today’s ever-changing technological landscape, the integration of Artificial Intelligence into various applications is becoming increasingly essential. Piloting the first security-focused AI integration scenarios allows our customer base to envision practical implementations of AI technologies, fostering innovation and improving efficiency.
At our “Secure Together” event, our CTO Ivan Mans demonstrated a few use cases that will soon be made available within the SecurityBridge standard product:
1. Select relevant security events through natural text:
Leveraging natural language processing (NLP) techniques enables the filtering and identification of critical incidents from vast amounts of textual data. This approach enables security professionals to efficiently pinpoint significant threats, anomalies, and breaches described in reports, logs, and alerts.
2. Explain the purpose of the source code
For non-developers, comprehending the functionality and intent of source code can be challenging due to the technical complexity and specialized language involved. To bridge this gap, we will leverage AI technologies to translate the purpose and actions of source code into natural, easily understandable text. This approach will demystify the code, making its functions and objectives clear to those without a technical background, thereby enhancing collaboration, transparency, and overall comprehension within the team. By converting code into plain language, AI helps ensure that all stakeholders, regardless of their technical expertise, can effectively engage with and contribute to the project.
3. Vulnerability type guidance
Providing detailed information on vulnerability types involves explaining the nature and implications of each vulnerability, including what it is, how it can be exploited, and its potential impact on systems and data. This comprehensive approach also includes practical guidance on fixing vulnerabilities, outlining specific steps and best practices for remediation.
SecurityBridge enhances SAP Enterprise Threat Detection
“Secure Together” was not just the event name but also the central theme of the session led by Arndt Lingscheid, Product Manager for SAP SE’s security products, and Christoph Nagy, SecurityBridge’s CEO. The experts demonstrated how the SecurityBridge Security & Compliance function can enhance SAP Enterprise Threat Detection. During the session, they elucidated the audience on the Why, What, and When, providing insights into the reasons and motivations behind the integration, specific use cases, and identifying the customer scenarios where this integration delivers the most value. Read more about the integration in the following article.
Henkel shares the use-case scenario for malware protection using bowbridge and SecurityBridge
Another enlightening session was Henkel’s showcase of a use-case scenario for malware protection utilizing a combination of bowbridge and SecurityBridge’s solutions. Jörg Schneider-Simon, CTO of Bowbridge, and Markus Hille from Henkel detailed how enhanced malware protection is achieved at scale by integrating the SAP Virus Scan Interface (VSI) with bowbridge’s solutions, complemented by additional alerting from SecurityBridge Threat Detection. This insightful session also served as an announcement for bowbridge’s new Hybrid-SaaS content security solution for SAP VSI and its successful integration with Fortinet, a world-leading infrastructure security provider.
SAP UCON, Zero Trust, and SAP BTP presented by SAP Security Experts from Fortinet and Accenture
Philipp Stark, Security Delivery Consultant at Accenture, and Julian Petersohn, Principal Systems Engineer SAP Security at Fortinet, illustrated various challenges and solutions for SAP RFC. They provided insights into SAP Unified Connectivity (UCON), how to harden RFC / RFM, and the limitations of SAP UCON and SAP Authorizations.
Further on, Khalid Hussain, Senior Manager for Security Transformation at Accenture, and Julian Petersohn conducted a session titled “Zero Trust Approach for SAP RISE and Non-RISE”. They discussed the customer responsibility in SAP RISE PCE, illustrated SAP Connectivity Flow Architecture, SAP Zero Trust Recommendations, SAP On Azure RISE PCE, and SAP Security and ZT Reference Architecture.
Lastly, our CTO Ivan Mans and Goldy Verma, SAP Security Senior Manager at Accenture, delved into the vital topic of SAP BTP Security, outlining Top SAP BTP Use Cases, the SAP BTP Security & Compliance Model, and Accenture’s SecurityBridge Services.
SAP shares insights into Product Security Initiatives including the SAP Security API
Siddhartha Rao (Vice President – Product Security, SAP) explained the vast area of SAP product security and how this comprises 1000+ products or services. The commitment of SAP to bring security to a higher level is impressive and further demonstrated by the delivery and further development of the SAP Security API in SAP Cloud ALM. SecurityBridge has been collaborating closely with SAP to integrate SAP security recommendations into the SecurityBridge product fully.
We are proud and pleased to have already showcased a preview of this integration at the event. We look forward to further cooperation with SAP and the release of more cloud services this year via this framework to deliver an even better comprehensive overview of the security posture of our customers’ IT landscapes.
Accenture and SecurityBridge celebrate the official global partnership
Another exciting announcement was shared during the day: SecurityBridge and Accenture are joining forces to deliver unparalleled value to clients and provide them with the most innovative SAP cybersecurity strategies and solutions. This partnership is set to redefine the traditional audit-driven approach to SAP security, offering a unique blend of Accenture’s expert consulting, strategies, and implementations with SecurityBridge’s continuous cybersecurity into — Accenture’s worldwide SAP projects. We are delighted to be working with such a reputable and worldwide–known partner, leveraging our combined expertise to enhance the security and resilience of our customers’ SAP environments.
Accenture presents SAP GRC integration with the SecurityBridge Platform
Organizations interested in the SAP GRC Process Control and SecurityBridge platform are looking for a solution that simplifies managing the entire IT control lifecycle while minimizing the resources needed for day-to-day operations. The full Integration of SAP GRC Process Control with SecurityBridge can enhance the overall security posture and compliance management and is planned to be made available after the summer.
The last session regarding this key topic was presented by Vincent Doux (COE, SAP Customer Solution Advisor – SAP), Andreas Kirchebner ( Security Delivery Senior Manager, Accenture), and Bhanu P. Nagalla (Security Delivery Specialist, Accenture).
Crucial focal points of this upcoming integration are that customers can leverage existing organizational hierarchy, control master data /framework or control life cycle management capabilities of SAP Process Control and that regulations and policies can now be mapped to relevant automated controls.
Furthermore, the reviewed results can be remediated and monitored by an in-built issue management workflow in SAP Process Control. Both tools can be integrated by default ABAP Connector & accessed in the same Fiori launchpad interface. Enhanced visibility will be gained into the compliance status of business processes and finally, IT systems and technical efforts will be reduced.
Conclusion
We are grateful to everyone who attended this eye-opening event, making it a defining moment for innovation in the field. The lively discussions and enthusiastic participation highlighted why such gatherings are essential for any company’s security success. This demonstrates the SAP security community’s commitment to advancing security measures and collaborating closely for a safer digital future. We anticipate collaborating again with our valued partners and look forward to repurposing such occasions soon!
“I was more than happy to be there for this second edition, I learnt again lot of things, and created new relationships with SecurityBridge customers. This event is a “MUST” !!!”
Stephane Peteytas, SAP Cybersecurity Manager at Sanofi
