Skip to content

The road to our new feature Security Roadmap

SAP security roadmap

Over the past months, I’ve spent a lot of time talking to customers and prospects to better understand their requirements,  challenges and motivations. In these conversations, one question has been frequently asked: “What’s the best way to move forward in SAP security after the initial security analysis?”

Christoph Nagy
CEO SecurityBridge

From the question to the concept

The question is not easy to answer in a generalized way. SAP implementations are typically complex structures consisting of SAP NetWeaver, SAProuter, SAP WebDispatcher, SAP S4/HANA, and possibly SAP Cloud. This is however a great question facing many security teams, so we discussed it with the SecurityBridge engineering team, who love a technical quandry and debate. A few discussions later, we had a concensus and a concept.

From concept to pilot

The problem with concepts is that they’re worthless unless proven. This is usually not a problem, as our experts are very good at assessing what’s feasible, but more importantly you need to know if the concept meets your clients’ requirements.

SAP security workshop

That’s why we discussed it with customers and partners. I particularly enjoy the constructive atmosphere and the open discussions and freely exchanged ideas. This gives each of our customers and partners the best opportunity to help shape the future of the solution. A few discussions later, and admittedly some changes to the initial concept, we moved on to implement a pilot.

The solution must be simple

The best solution to a complex problem is often based on a simple idea, as it proved to be in this case. Remember, customers are faced with the challenge of how to best proceed in order to increase system security. They look at an actual picture of the current system security which may contain many red lights and warnings.

SecurityBridge (from version 5.85.4 onwards) has the ability to evaluate the resolution complexity of any security issue, as well as the probability of exploitation. This is the basis for a security roadmap that can be implemented. So now, our customers can set priorities on findings that are easy to resolve but have a high risk of exploitation.

Feedback is important!

It is particularly important to ask for feedback from end-users in assessing whether the new feature is accepted and meets the intended added-value. For this purpose, all security applications included in the SecurityBridge platform have a “Send Feedback” function. Additionally, we ask our customers and partners about their experiences in the course of regular discussions. The Security Roadmap function, by the way, is well received and has already helped many SecurityBridge customers to identify and realize quick wins. More complex topics can be planned specifically on a roadmap.

Final words

Our common goal is to help you to enhance your SAP system security, and to sustain the achieved security posture holistically. This is a huge task and will be accomplished more easily and efficiently as a team. Therefore, we are continually growing the numbers of our partners and extended “team”. We’d love to share our insights with you so feel free to reach out at any time.

Posted by

Till Pleyer
Find recent Security Advisories for SAP©

Looking into securing your SAP landscape? This white-paper tells you the “Top Mistakes to Avoid in SAP Security“. Download it now.

Webinar: Why is SAP Security Patching not like Windows Updates?

The webinar, taking place on demand is all about SAP Patch Management and its challenges. The German-speaking SAP User Group (DSAG) and the American colleagues of ASUG asked why SAP security patching cannot be as simple and effective as, for example, Windows updates.

SecurityBridge at the DSAG22: How to protect SAP systems during these times

Together with its partner, Fortinet, the SAP Security specialist company will present how to close the gap between SAP and network security in Leipzig.
SAP Security Services
SAP Cybersecurity- Security News
Many companies have recognized the need for SAP cybersecurity, but many have also realized that they cannot accomplish this alone. There are many reasons for this. It can be due to the internal teams' workload or due to the employee's level of knowledge. However, there is a solution that neither burdens your internal staff nor demands additional knowledge. A specialized managed SAP Security Service allows you to harden mission-critical systems, detect and promptly counteract non-compliance, and implement monitoring with accurate anomaly detection.
Patch Management
SAP security provider SecurityBridge—now operating in the U.S.—today announced the full integration of its SAP Security Platform with the Microsoft Sentinel cloud-native Security Information and Event Manager (SIEM) platform and its membership to MISA. SecurityBridge was nominated to MISA because of the integration of its SAP Controller to the Microsoft Sentinel dashboard. SecurityBridge is a Smart Data Adapter that significantly simplifies security monitoring of critical and highly specific business applications.
Angriffserkennung für SAP
SAP Cybersecurity- SAP Identity and Authorization- SAP Threat Monitoring- Security News
Viele unserer Leserinnen und Leser erinnern sich noch an den 25. Mai 2018, Stichtag der bindenden Einführung der Datenschutzgrundverordnung, kurz DSGVO. Verstöße gegen die neue Regelung können seitdem zu drakonischen Strafen führen. Nun steht, zumindest für diejenigen Unternehmen, die zur kritischen Infrastruktur (KRITIS) von Deutschland zählen, ein ähnlicher Termin ins Haus. Am 1. Mai 2023 müssen betroffene Unternehmen ein System zur Angriffserkennung eingeführt haben.
SAP Cybersecurity Risks
SAP Cybersecurity- SAP Security Framework- Security News
Recently, we gave an insight into the known SAP attackers in our blog. Of course, it can already be deduced from this that there are internal and external SAP attackers. That is why today, we want to look at this from an SAP cybersecurity risk perspective.

“SecurityBridge is committed to supporting our ecosystem of partners to continue our fast company growth. Our partners bring us the scale we need with their extensive customer relationships and substantial technical expertise that ensures customer success.”

Christoph Nagy
CEO SecurityBridge