Security policies allow companies to ensure compliance with data integrity, secrecy, availability and authenticity. Such policies are constantly being updated and scaled to keep up with changes to ongoing operations. When additional policies are added in compliance with guidelines – for example a software update or a DSAG audit, the policy must be compared. To date, this has required checks by hand. Since the Release 5.0 SAST SUITE offers solution, providing automatic identification and adoption of deltas where policies differ.
Time and again, we’ve seen subpar handling of risk resolution in practice for RFC interfaces, with no guarantee for maintaining proper and secure operating conditions.
In today’s practical tip, we give you a step-by-step explanation of how you can secure your SAP gateways against unauthorized calls.
After upgrading to a new SAP release, customers often face the challenge of using the SAP transaction SU25 to bring their authorizations up to speed, as well.
In today’s practical tip, Steffen Maltig shows you how to save up to 90% of the resources this normally requires.
Takeda’s twin objectives were to accelerate and simplify its authorization assignment process while deploying a tool that was simultaneously capable of providing vulnerability monitoring for its SAP backend worldwide. Continue reading
The EU General Data Protection Regulation (EU GDPR) takes effect on May 25, 2018, and hardly a day goes by without some news about it – and that’s the way it should be! As demonstrated by a DSAG member survey of SAP users just a few weeks ago, only just over half of all the companies (53%) have a roadmap. To say nothing of full implementation of the new requirements.
Michael Muellner, Head of Security & Compliance at AKQUINET, discusses helps to make this topic accessible to you by building a bridge from the statutory requirements to steps in operations and concrete tips.
One of the biggest challenges that any customer faces when migrating or redesigning their SAP authorizations is ensuring the continuity of their normal business operations. As a result, IT units are often wary of curtailing user rights – so as to avoid conflicts with business departments that would result from increased testing workloads or more frequent error messages.
With SAST Safe Go-Live Management, these problems are now a thing of the past.
GRC tools, IT vulnerability analysis, authorization management, SIEM management – these are four of the top five topics cited by IT decision-makers when asked which current and future technologies are of vital importance to them. *
This means that the new release of GRC Suite SAST from AKQUINET – couldn’t have arrived at a better time to offer answers on some of the subjects that are on the minds of these managers right now. In this interview, Lars Henning (product manager for the SAST SUITE) presents the highlights of the latest version, along with some helpful tips.
New features for the SAST SUITE: the SAST Enhanced SoD and Control Reporting.
Every company that needs to redesign its authorizations after an audit knows the challenges: perplexed in the screening and analysis of all identified risks. Our new features for the SAST SUITE enable you to periodically report your risks and mitigations – fast and intuitively.
SAP protection in real-time with the SAST SECURITY RADAR.
We show you how easy it is to respond in an emergency with the AKQUINET SAST SECURITY RADAR. In the area of corporate crime, more and more companies are coming to realize they still have work to do when it comes to prevention and response.
Analyze the RFC interfaces of your SAP Systems.
SAP interfaces are often not considered when SAP systems are protected. Therefore, they remain unprotected and provide attractive targets for attackers.
Experience from numerous SAP security audits and penetration tests for SAP systems shows repeatedly that, in almost every SAP system checked, unprotected interfaces exist that could allow attackers direct access to your SAP Systems.