Are your SAP systems the cornerstone of your IT? If so, you'll probably be alarmed to hear that in nearly all of our security reviews, we've been able to gain access to local systems - along with adjacent systems, in most cases - in less than an hour. And none of the monitoring tools in use detected a thing!

Keeping a constant eye on your transactions and applications is thus essential to protecting your SAP ERP and S/4HANA landscapes.

The SAST SUITE detecting critical incidents right when they occur, you'll be able to take immediate action in response.

The ability to monitor risks and compliance and conduct rapid analyses will result in better protection for your sensitive data while ensuring that you comply with all the relevant legal obligations.

SAST RISK AND COMPLIANCE MANAGEMENT

Start getting proactive about managing risks.

Holistic, effective risk management in IT will help you make sounder decisions faster and present tremendous potential for value creation throughout your company.

In practice, we continue to witness a lack of measures appropriate for identifying dangers early on; IT risk management is too often understood as a reactive process.

Get proactive with our SAST Risk and Compliance Management, a module that enables you to implement your own specific security and compliance policies and define exactly who is to check which parameters, along with when and how. It also gives you the option to mark every identified risk - resulting from technical system monitoring, authorization and SoD analysis, or other types of checks - for further handling with a click of the mouse. With this module, you'll thus gain a full-range reporting solution for mitigating your exposure.

How SAST SUITE can assist you

  • Saving of time and costs due to significantly simplified revision testing
  • Manual and automated checks that produce documented results
  • Includes the SAST Suite rule set as a default policy
  • Create and maintain your own specific guidelines
  • Support for planning recurring audits, defining their scope, and automating their execution
  • Provides detailed descriptions of all identified risks and manages your mitigating controls
SAST SECURITY RADAR

Threat detection of cyberattacks in real time.

Classic SIEM tools focus on detecting unusual behavior within IT infrastructures. But SAP systems are usually a blind spot.

Detecting attacks based on log files and analyzing network traffic requires in-depth knowledge of the potential paths and patterns such incursions can follow. This means intelligent information management is necessary in order to assess security data of this kind. Events relevant to security have to be filtered out of a sea of data and placed in the proper context.

Our SAST Security Radar therefore not only analyzes SAP protocols for the detection of threats, but also integrates configuration and role analyses.

By integrating it with an overarching SIEM tool, you can also consolidate all the security incidents detected in your SAP ERP and S/4HANA systems and other areas of your IT landscape. A comprehensive, dashboard-based overview of your security status will then be just a mouse-click away.

How SAST SUITE can assist you

  • Push-button access to the security status of your entire SAP system landscape
  • Constant monitoring of your system configuration, authorizations, and security and change logs
  • Provides real-time information on violations of your security policy in an aggregated, quantified format
  • Option to pseudonymize your user data to ensure compliance with the data protection laws of Germany (BDSG) and the EU (GDPR)
  • Automatically issues alerts in response to critical incidents and complex events (combinations of multiple non-critical events)
  • Ongoing content updates will keep your systems up-to-date
  • Integrates with IBM QRadar, HP ArcSight, Splunk, and LogPoint to create an overarching SIEM solution
SAST MANAGEMENT DASHBOARD

Transparent visual analysis of your risks.

Do you want to do more than just identify critical SAP system activities? Are you looking for a way to visualize and analyze them (including over time) with the necessary transparency? If so, SAST Management Dashboard is the perfect complement to your other SAST SUITE modules.

It takes just a few clicks to view a current status report based on your predefined risk indicators, and the dashboard can also show you what's causing certain security flaws. This makes high-quality information on your risk situation available at a glance whenever required.

How SAST SUITE can assist you

  • High-quality information about your risk situation at the touch of a button
  • Intuitive interface enables you quickly identify security flaws - even without special IT expertise
  • Risk analyses based on the business intelligence tool Qlik Sense
  • Causes of vulnerabilities that have occurred
  • Opportunity to present historical developments
  • Link all your data - from aggregated risk indicators down to the detailed level - with just a few clicks
  • Rapid implementation based on standardized integration with SAST SUITE
SAST DOWNLOAD MANAGEMENT

Prevent data theft in your SAP Systems.

In many cases, SAP users have more than just access to sensitive data; they can also easily download the contents of entire tables or forward it unnoticed by e-mail. Besides being problematic in terms of data protection law, this could reveal your trade secrets or make your company a victim of industrial espionage.

Our SAST Download Management offers a means of monitoring downloads of your sensitive data. It automatically tracks and logs every download executed in your SAP ERP and S/4HANA systems, giving you a highly effective tool for protecting your company against violations of data protection regulations and industrial espionage.

How SAST SUITE can assist you

  • Data loss prevention of your critical company data against misuse, industrial espionage or theft
  • Monitoring and content documentation of all downloads from your SAP systems
  • Conform to the GDPR requirements
  • Supports your company's internal organizational policies
  • Logs downloads executed through SAP GUI or file extracts (with the option to include outgoing e-mails, as well)
  • Supports direct integration into your SAP landscape and secures the contents of your SAP database
  • Further options for activating user notifications, download blocking, and approval procedures

"SAP systems represent a blind spot for most SIEM tools because they don't include SAP-specific checking rules. This means they don't recognize corresponding attack patterns, which is why security teams often fail to identify certain threats. Use our SAST Security Radar as the perfect complementary solution."

Ralf Kempf, CTO SAST SOLUTIONS
— Ralf Kempf
CTO SAST SOLUTIONS

Modular design. Individual possibilities

SAST SUITE for SAP ERP- or S/4HANA-Systems

Copyright akquinet AG. All Rights Reserved.