Protect4S - the monthly SAP Patch Day loses its horror
IT security measures are essential to protect SAP systems
How often have you manually checked every CVE on SAP Patch Day for applicability to your SAP landscape? Did you really check all of them, or did you give up in frustration after the 5 or 10 most critical ones? And did you then manually download all the notes from SAP and implement them, log all of this, and create the reporting for management and the security officer?
Due to a lack of human resources or know-how, SAP systems are often neglected in terms of IT security.
Automation makes it possible to identify and assess risks more quickly by automatically monitoring and analyzing potential threats. It also facilitates the execution of security measures by decoupling the implementation of policies and processes from manually performed actions. Faster detection of risks and threats can also shorten the response time of IT security teams, minimizing the risk of a successful attack.
Vulnerability and patch management
The patented scanning technology scans the connected systems within a few minutes and, based on a database of more than 2,000 check points, shows identified security vulnerabilities and security-related best practice recommendations. The database is updated monthly with the latest findings from SAP after SAP Patch Day.
The familiar SAP browser layout makes the solution user-friendly for everyone involved in the process and gives them confidence in working with it from the very beginning. Through roles and authorizations, users access Protect4S according to their task and process, and document all activities via Protect4S with the SAP standard transactions.
Protect4S is developed in its own namespace and certified by SAP as an official SAP add-on. The add-on is installed in an empty client on an SAP Solution Manager or an SAP NetWeaver system in the system landscape. An additional system/server is not required.
Protect4S Security Management is carried out via a three-stage control loop.
Check: Protect4S scans all connected systems within minutes and scores the security vulnerabilities.
Analyze: For each vulnerability identified, you will receive further information or appropriate guidance from SAP.
Fix: You can trigger patch management directly from Protect4S. Protect4S takes over the download of the relevant notes and starts the implementation if desired. Depending on the note, manual support may be necessary.
Threat Detection and Code Scanner
The second pillar of SAP Security with Protect4S is ongoing threat detection. Protect4S analyzes and detects unusual or critical activities in SAP systems in real time. Code Scanner as the third pillar is under development - deployment is planned for the end of this year. The components of the software can be implemented and licensed together or independently.
The connection and integration with SIEM and ITSM solutions has already been implemented and will be expanded to include additional providers.
ERP Security B.V., the manufacturer of Protect4S
The employees of Protect4S have been recognized experts in the field of vulnerability detection of SAP systems for many years. Most recently, Protect4S attracted attention with the milestone of more than 100 reported new SAP security vulnerabilities and now ranks among the top 3 SAP security researchers on the market. The Dutch company draws on more than 20 years of experience of its founders in the field of SAP security.
Conclusion
With the rapidly increasing number of cyber threats and the ever-growing attack surface created by cloud computing, Internet of Things and mobile devices, organizations need to automate their IT security processes more than ever to protect their systems and data.
The first scans after the introduction of Protect4S show that even supposedly well-maintained SAP systems have security vulnerabilities in all areas. On average, these initial "findings" have a CVSS (Common Vulnerability Scoring System) score of 6.0.
These results show that the security of today's SAP installations can hardly be guaranteed by manual effort. The solutions developed by Protect4S are an effective approach to increasing the security of SAP systems without tying up additional staff. Companies are given the opportunity to identify and close potential security gaps before they can be exploited by attackers.
Automation of IT security measures is therefore essential to protect SAP systems from the ever-growing threat.
As a provider of Protect4S solutions, TakeASP is the right partner for companies that want to operate their SAP systems securely. With process automation and regular audits, TakeASP and Protect4S can help companies take their IT security to a higher level and better arm themselves against future threats.