"The SAST SUITE has given us the perfect solution for our global SAP systems and providing us with permanent vulnerability monitoring. Thanks to the highly competent and motivated support provided by the SAST team, we completed the project on time, in budget and at the specified level of quality."
Maximum protection on all levels, thanks to SAST SUITE.
If your SAP system isn't properly protected on all levels, you're at risk of becoming an easy target. Losing data due to various forms of sabotage can have negative consequences for your company: Your reputation may be irreparably harmed and you may have to pay restitution for damages - or even give up your business, to offer just three examples.
Manufacturers, online security portals, and SAP itself offer regular updates on the latest security flaws. All the more reason to put your infrastructure, databases, and custom ABAP developments under the microscope and analyze all your system interfaces with our SAST SUITE.
This will help you minimize security vulnerabilities and protect your SAP systems from attacks.
SAST SYSTEM SECURITY VALIDATION
Vulnerability scans to secure your system configuration.
With this SAST SUITE module, you'll get a comprehensive overview of how secure your SAP ERP and S/4HANA infrastructure is right now - and it's all automated in real time!
This is how we enable you to continually analyze and optimize every level of your landscape to address vulnerabilities - including in your operating systems, databases, network configurations - while factoring in critical OSS Notes. It even examines your custom ABAP source code with a a simple string pattern match to identify and eliminate potential flaws.
How SAST SUITE can assist you
- Comprehensive transparency across system boundaries
- Accounts for DSAG's auditing guidelines, recommendations from BSI, and SAP's security guidelines
- More than 4,000 automated checks and security notes that are constantly updated
- Automated policy-based auditing of security-relevant parameters and settings
- Analyzes all underlying platforms, from SAP ERP to SAP Mobile Platform (running on the latest release of SAP NetWeaver)
- Offers dashboard-based security reporting that includes clear recommended actions for eliminating your landscape's vulnerabilities
Are you interested in a full assessment of the critical vulnerabilities in your ABAB code? Then the "SAST Code Management" is just right for you.
SAST INTERFACE MANAGEMENT
To provide your SAP system with holistic protection, remember to secure your interfaces.
In the process of safeguarding IT systems, interfaces are often neglected, making them a prime target for hackers.
Our experiences in security audits consistently show that insecure SAP connections lay hidden in nearly every system. Should a cyberattack occur, this will give the perpetrators direct access to your SAP systems.
Our SAST Interface Management will enable you to detect and address security holes like these.
How SAST SUITE can assist you
- Cross-system assessments for SAP ERP and S/4HANA environments
- Analysis of incoming and outgoing RFC, http, and database connections, along with trust relationships and system traces
- Generates suitable RFC roles at the click of a mouse
- Reliable interface scanner
-
Detailed reports in graphical and tabular form, enriched with information on risk classification
- Central point of control
SAST CODE VULNERABILITY ANALYSIS
Close security gaps in your ABAP code reliably.
You'll only achieve a fundamental level of SAP security if you take a truly head-to-toe approach. That also includes your ABAP code.
The continuous testing of custom developments is as important as the analysis of 3rd party add-ons. But many companies are hesitating. Partly, because of the unmanageable number of identified security gaps or because of being dissatisfied with the results.
So how can identified weaknesses in the coding be efficiently corrected? The Code Vulnerability Analyses of the SAST SUITE provides you with an optimal combination of tool-supported testing of your ABAP programs and an efficient code cleansing, supported by our SAP Security Consultants.
The SAST SUITE identifies security gaps by using standard SAP tools - enhanced by proprietary security rules. This not only allows you to periodically check all applications, but also to enhance your entire code quality by integrating them into your development process.
After the Analysis, our SAP security consultants will show you, solution strategies for closing your security risks, for example by efficiently eliminating weaknesses based on usage statistics. What's best, our soft cleansing approach allows to fix security vulnerabilities without restricting your productive operations.
This procedure has been accepted by auditors also as a targeted measure in dealing with code scan results.
How SAST SUITE can assist you
- Effective detection of security and compliance issues
- Saving resources thanks to automated code checking
- Fixing of vulnerabilities independent of the previously used code analysis tool
- Unique context analysis allows you to focus on the relevant problems
- No disruptions to your operative business
- The source code does not leave your company at any time
- Know-how transfer for more secure ABAP programming in your company to avoid security gaps in a long-term
One of many satisfied customers:
— Manfred Meier
Takeda AG
Modular design. Individual possibilities.
SAST SUITE for ERP or S/4HANA
