The global and independent platform for the SAP community.

Protect4S - the monthly SAP Patch Day loses its horror

SAP systems contain highly sensitive data, control companies and manage their processes. They are networked with partners, customers and suppliers. Protect your systems from cyberattacks and unauthorized access, even from the inside.
TakeASP
February 24, 2023
This text has been automatically translated from German to English.

IT security measures are essential to protect SAP systems

How often have you manually checked every CVE on SAP Patch Day to see whether it applies to your SAP landscape? Did you really check all of them, or did you give up, unnerved, after the 5 or 10 most critical? Did you then manually download all the notes from SAP and implement them? And did you log all of this and create the reporting for management and the security officer?

Due to a lack of human resources or know-how, SAP systems are often neglected in terms of IT security. 

Automations make it possible to identify and assess risks more quickly by automatically monitoring and analyzing potential threats. They also facilitate the execution of security measures by decoupling the implementation of policies and processes from manually performed actions. Faster detection of risks and threats can also shorten the response time of IT security teams, minimizing the risk of a successful attack.

Vulnerability and patch management

The patented scanning technology scans the connected systems within a few minutes and, based on a database of more than 2,000 check points, shows identified security vulnerabilities and security-related best practice recommendations. The database is updated monthly with the latest findings from SAP after SAP Patch Day. 

The proven SAP browser layout makes the solution user-friendly: it supports everyone involved in the process in their work and gives them familiarity and confidence in dealing with the solution from the very beginning. Through roles and authorizations, users access Protect4S according to their task and process, and document all activities via Protect4S with the SAP standard transactions.

Protect4S is developed in its own namespace and certified by SAP as an official SAP add-on. The add-on is installed in an empty client on an SAP Solution Manager or an SAP NetWeaver system in the system landscape. An additional system/server is not required.

Protect4S Security Management is carried out via a three-stage control loop.

Check: Protect4S scans all connected systems within minutes and scores the security vulnerabilities.

Analyze: For each vulnerability identified, you will receive further information or appropriate guidance from SAP.

Fix: You can trigger patch management directly from Protect4S. Protect4S takes over the download of the relevant notes and starts the implementation if desired. Depending on the note, manual support may be necessary.

Threat Detection and Code Scanner

The second pillar of SAP Security with Protect4S is ongoing threat detection. Protect4S analyzes and detects unusual or critical activities in SAP systems in real time. Code Scanner as the third pillar is under development - deployment is planned for the end of this year. The components of the software can be implemented and licensed together or independently.

The connection and integration with SIEM and ITSM solutions has already been implemented and will be expanded to include additional providers.

TakeASP
Result of a scan with assessment of risk and resolution effort.

ERP Security B.V., the manufacturer of Protect4S

The employees of Protect4S have been recognized experts in the field of vulnerability detection of SAP systems for many years. Most recently, Protect4S attracted attention with the milestone of more than 100 reported new SAP security vulnerabilities and now ranks among the top 3 SAP security researchers on the market. The Dutch company draws on more than 20 years of experience of its founders in the field of SAP security.

Conclusion

With the rapidly increasing number of cyber threats and the ever-growing attack surface created by cloud computing, Internet of Things and mobile devices, organizations need to automate their IT security processes more than ever to protect their systems and data.

The first scans after the introduction of Protect4S show that even supposedly well-maintained SAP systems have security vulnerabilities in all areas. On average, these initial "findings" have a CVSS (Common Vulnerability Scoring System) score of 6.0.

These results show that the security of today's SAP installations can hardly be guaranteed by manual effort. The solutions developed by Protect4S are an effective approach to increasing the security of SAP systems without tying up additional staff. Companies are given the opportunity to identify and close potential security gaps before they can be exploited by attackers.

Automation of IT security measures is therefore essential to protect SAP systems from the ever-growing threat. 

As a provider of Protect4S solutions, TakeASP is the right partner for companies that want to operate their SAP systems securely. With process automation and regular audits, TakeASP and Protect4S can help companies take their IT security to a higher level and better arm themselves against future threats.
