Setting the right priorities for SAP security
A new roadmap function within the SecurityBridge SAP Security platform helps to set the right priorities for SAP security
The first security scan of your own ERP landscape often reveals an overwhelming amount of potential vulnerabilities. How to improve your own SAP security now? This question cannot be answered in a general way. SAP implementations are typically complex structures consisting of SAP NetWeaver, SAP Router, SAP WebDispatcher, SAP S4/HANA and possibly SAP Cloud. What was missing so far was a concept that enables SAP security managers to set the right priorities and assign them to their own employees in the team as concrete tasks.
From concept to pilot
A security concept is designed quickly, but concepts also have to be proven. Are they feasible and do they meet the requirements in the company? Precisely for this reason, SecurityBridge has conducted a direct exchange of ideas with its new concept of a “security roadmap” with customers and partners, tested it and transferred it to a new product feature.
The best solution to a complex problem is often based on a simple idea. The new SecurityBridge platform (from version 5.85.4) is capable of assessing the complexity of solving any security problem, as well as the likelihood of exploitation. This is the basis for a security roadmap that can then be implemented. Thus, users of the platform can be the first to fix such problems with a high security risk in order to quickly achieve improvements in SAP security.
Especially important is the feedback of the end users in order to assess whether a new function is accepted and brings the intended added value. To this end, all security applications included in the SecurityBridge platform have a “Send Feedback” function.
Treating dangerous problems first
The new roadmap was presented in spring 2022. The function simplifies the path to SAP security by enabling IT departments to immediately summarize all required software corrections in one area. SAP patches are automatically prioritized with a red, yellow and green traffic light pattern. So the most dangerous problems can be addressed first and do not get lost in the ever-growing list of security patches to be implemented.
In view of the constant hacker attacks on companies, IT staff must stay up to date on known SAP security problems and apply the recommended patches promptly. SecurityBridge’s security roadmap for SAP uses a modern and structured SAP Fiori UI to bridge communication gaps between IT stakeholders. It supports IT departments in identifying and categorizing risks. In this way, vulnerabilities can be remedied by a documented and logical mitigation process.
The new function extends the Security & Compliance Monitor of the SecurityBridge platform. This allows you to customize your own SAP security baselines and combine information from other platform sources and the online knowledge database with each other. It creates a 360° view of activities and detected vulnerabilities.
SecurityBridge is a software manufacturer with headquarters in Ingolstadt, Germany and several international locations. In response to the constantly growing threat situation due to cyber attacks, the SecurityBridge platform of the same name offers an attractive and effective security solution for SAP customers. The software platform, which is fully integrated into SAP, detects cyber attacks at an early stage and reliably repels them. In addition to monitoring, the SecurityBridge platform offers in-depth analysis tools to detect not only insecure configuration and missing security updates, but also vulnerabilities in customer-specific SAP developments.