Are your SAP systems the cornerstone of your IT? If so, you'll probably be alarmed to hear that in nearly all of our penetration tests, we've been able to gain access to local systems - along with adjacent systems, in most cases - in less than an hour. And none of the monitoring tools in use detected a thing!
Keeping a constant eye on your transactions and applications is thus essential to protecting your IT landscape.
The SAST SUITE detecting critical incidents right when they occur, you'll be able to take immediate action in response.
The ability to monitor risks and compliance and conduct rapid analyses will result in better protection for your sensitive data while ensuring that you comply with all the relevant legal obligations.
Start getting proactive about managing risks
Holistic, effective risk management in IT will help you make sounder decisions faster and present tremendous potential for value creation throughout your company.
In practice, we continue to witness a lack of measures appropriate for identifying dangers early on; IT risk management is too often understood as a reactive process.
Get proactive with SAST RCM (formerly known as RiskTrack), a module that enables you to implement your own specific security and compliance policies and define exactly who is to check which parameters, along with when and how. It also gives you the option to mark every identified risk - resulting from technical system monitoring, authorization and SoD analysis, or other types of checks - for further handling with a click of the mouse. In SAST Risk and Compliance Management, you'll thus gain a full-range reporting solution for mitigating your exposure.
How SAST SUITE can assist you:
- Manual and automated checks that produce documented results
- Calculates your compliance status
- Automatically includes the SAST Suite rule set as a default policy
- Drag-and-drop policy editor enables you to create and maintain your own specific guidelines
- Support for planning recurring audits, defining their scope, and automating their execution
- Provides detailed descriptions of all identified risks
- Manages your mitigating controls
- Includes a SAST Suite policy that covers DSAG's auditing guidelines (version 2.0)
Detect cyberattacks in real time
Classic SIEM tools focus on detecting unusual behavior within IT infrastructures. But SAP systems are usually a blind spot.
Detecting attacks based on log files and analyzing network traffic requires in-depth knowledge of the potential paths and patterns such incursions can follow. This means intelligent information management is necessary in order to assess security data of this kind. Events relevant to security have to be filtered out of a sea of data and placed in the proper context.
Our SAST Security Radar module therefore not only analyzes SAP protocols for the detection of threats, but also integrates configuration and role analyses.
By integrating it with an overarching SIEM tool, you can also consolidate all the security incidents detected in your SAP systems and other areas of your IT landscape. A comprehensive, dashboard-based overview of your security status will then be just a mouse-click away.
How SAST SUITE can assist you
- Push-button access to the security status of your entire SAP system landscape
- Constant monitoring of your system configuration, user authorizations, and security and change logs
- Provides real-time information on violations of your security policy in an aggregated, quantified format
- Option to pseudonymize your user data to ensure compliance with the data protection laws of Germany (BDSG) and the EU (GDPR)
- Automatically issues alerts in response to critical incidents and complex events (combinations of multiple non-critical events)
- Rapid implementation, cost-effective operation
- Ongoing content updates will keep your systems up-to-date
- Integrates with IBM QRadar, HP ArcSight, Splunk, and LogPoint to create an overarching SIEM solution
Prevent data theft in your SAP systems
In many cases, SAP users have more than just access to sensitive data; they can also easily download the contents of entire tables or e-mail them to external contacts with no one the wiser. Besides being problematic in terms of data protection law, this could reveal your trade secrets or make you a victim of industrial espionage.
In the SAST DLM module (formerly known as Download Observer), we offer a means of monitoring downloads of your sensitive data. It automatically tracks and logs every download executed in your SAP systems, giving you a highly effective tool for protecting your company against violations of data protection regulations and industrial espionage.
How SAST SUITE can assist you
- Protects your critical business data against loss, misuse, industrial espionage, and theft
- Supports your company's internal organizational policies
- Logs downloads executed through SAP GUI or file extracts (with the option to include outgoing e-mails, as well)
- Secures the contents of your SAP database
- Supports direct integration into your SAP landscape
- Further options for activating user notifications, download blocking, and approval procedures
Transparent visual analysis of your risks
Do you want to do more than just identify critical SAP system activities? Are you looking for a way to visualize and analyze them (including over time) with the necessary transparency? If so, SAST Management Dashboard is the perfect complement to your other SAST SUITE modules.
It takes just a few clicks to view a current status report based on your predefined risk indicators, and the dashboard can also show you what's causing certain security flaws. This makes high-quality information on your risk situation available at a glance whenever required.
How SAST SUITE can assist you
- Risk analyses based on the business intelligence tool Qlik Sense
- Intuitive interface enables you quickly identify security flaws (even without special IT expertise)
- Peak performance thanks to in-memory technology
- Link all your data - from aggregated risk indicators down to the detailed level - with just a few clicks
- Rapid implementation based on standardized integration with SAST SUITE
Florian Wunder (COO SAST SOLUTIONS)
"SAP systems represent a blind spot for most SIEM tools because they don't include SAP-specific checking rules. This means they don't recognize corresponding attack patterns, which is why security teams often fail to identify certain threats and incursions. Enter SAST Security Radar, which offers the ideal supplementary solution."