SAP security: Why SIEM doesn’t spot everything and how you can draw attention to SAP incidents nonetheless

SAST Blog: SAP security: Why SIEM doesn’t spot everything and how you can draw attention to SAP incidents nonethelessStandard SIEM monitoring is often insufficient to ensure SAP security, because the specific SAP logs and analyses can’t be interpreted and, consequently, attack patterns cannot be identified or recognized. Why this is the case, what companies can do to integrate SAP in their monitoring nonetheless, and why this end-to-end safeguarding can deliver additional benefits – our CTO Ralf Kempf explains it all in an article for it management magazine.

Continue reading

Knock, knock! What if a hacker has already broken in when your IT auditor is at the door?

SAST Blog: What if a hacker has already broken in when your IT auditor is at the door? The procedure is well-known at SMEs and large companies: Every year, the auditor comes around for the IT audit, which is carried out as part of the annual overall review. The general objective is to ensure the security and integrity of the audited system (usually the SAP system used for accounting) and to identify potential risks. A management letter then describes follow-up measures to mitigate these risks in future. But does this approach still make sense today?

Continue reading

Interview with Ralf Kempf and Norbert Klettner – Cybersecurity in logistics: Multinational attacks on the weakest links in the chain

SAST Blog: Interview with Ralf Kempf and Norbert Klettner – Cybersecurity in logisticsHow should companies in the port and transportation logistics sector tackle cybersecurity? Can smaller and midmarket companies even protect themselves against the growing threats? Our CTO Ralf Kempf and his colleague Norbert Klettner, Managing Director of AKQUINET PORT CONSULTING, were interviewed on this subject by DVZ, a German transportation newspaper.

Continue reading

Security dashboards – Just a buzzword or a true help with the daily security routine?

Expert talk of IT-Onlinemagazin with SASTCompanies that use SAP software, as well as the German-speaking SAP User Group (DSAG), are demanding security dashboards to provide for greater transparency and indicate necessary activities. The most critical risks, however, are those that arise as a combination of other events, which are not critical in and of themselves. After all, even the best dashboards aren’t able to display this kind of unidentified security incident.

Continue reading

Secure your SAP systems worldwide: Best practice recommendations for successful national and international rollouts with the SAST SUITE

SAST Blog: Secure your SAP systems worldwide: Best practice recommendations for successful national and international rollouts with the SAST SUITE.Companies all over the world rely on SAP as their central enterprise software suite. That’s why it’s becoming ever more important for them to protect these SAP systems, along with the enterprise values they contain, with a professional cybersecurity and access governance strategy. Many international companies already trust the SAST SUITE to help them manage their international rollouts, and for good reason.

Continue reading

Why your SAP security and compliance strategy can’t wait for an SAP S/4HANA migration

SAST Blog: Why your SAP security and compliance strategy can’t wait for an SAP S/4HANA migration.Companies have been sensitized to the risks: According to a recent report by consulting firm Ernst & Young, 97 percent of the surveyed executives expect that they will face an even greater risk of cyberattacks and data leaks in the future. And they also know that they can hardly keep up with the rapid advances. That’s why we recommend that you give thought to end-to-end protection of your SAP systems now – no matter whether you’re still using SAP ERP or have already migrated to SAP S/4HANA. The sooner you start with an end-to-end strategy, the better you’ll protect yourself against threats – both internal and external.

Continue reading

Don’t lose track of the big picture – a security dashboard provides transparency for all your SAP systems

SAST Blog: Don’t lose track of the big picture – a security dashboard provides transparency for all your SAP systemsThe lack of SAP security management dashboards is discussed often by the Security & Vulnerability Working Group at DSAG, the German-speaking SAP User Group. The Working Group sees such tools an essential prerequisite for developing and monitoring the improved security concepts that are urgently needed. Yet a majority of companies has yet to implement the dashboard technology although now would be a particularly good time to implement this efficient tool for mitigating attacks in light of the increasing threat level posed by malware and ransomware.

Continue reading