Securing Linux Platforms for SAP HANA and S/4HANA
SUSE Linux Enterprise Server (SLES) is the leading operating system for SAP HANA and SAP S/4HANA solutions, supporting 85 percent of HANA deployments worldwide. SLES for SAP Applications is optimized to support high availability and persistent memory and endorsed by SAP. Securing operating systems is a critical component of SAP system hardening. Vulnerable hosts can […]
SolarWinds Attack: Lessons Learned for SAP Cyber Security
The software supply chain attack suffered by SolarWinds may have impacted as many as 425 of the US Fortune 500, the top ten US telecommunications companies, the top five US accounting firms, all branches of the US Military, the Pentagon, the State Department, the world’s largest cybersecurity firm, as well as hundreds of organizations worldwide. […]
Anomaly Detection with Cybersecurity Extension for SAP
Threat detection is commonly performed through rules or signature-based pattern matching. Detection engines compare actual events with patterns of malicious events to discover indicators of compromise (IOCs). IOCs discovered by detection engines typically trigger an alarm or alert for a suspected security breach. Pattern matching is a tried and tested method to identify known exploits […]
SAP Discloses Critical Vulnerabilities in ASE Databases
SAP customers are urged to apply a series of recent patches released by SAP for the Adaptive Server Enterprise (ASE). SAP ASE, previously known as Sybase SQL Server and Sybase ASE, is a widely deployed database platform used for both SAP and non-SAP applications. According to SAP, ASE is used by over 30,000 customers worldwide, […]
SAP Discloses Security Gaps in Cloud Solutions
SAP issued a statement last week to disclose security lapses in several cloud products including SAP Cloud Platform, SAP Analytics Cloud, SuccessFactors, and Concur. According to the statement, the disclosure was prompted by an internal security review. SAP does not believe customer data has been compromised as a result of the issues. The lapses impact […]
Securing the SAProuter from Remote Attacks
The surge in remote working has led to an increasing reliance on the SAProuter as a means to facilitate secure remote access to SAP applications. As a reverse proxy between external networks and SAP landscapes, the SAProuter enables organizations to apply more granular policies for filtering and securing connections to SAP systems than network firewalls. […]
Dramatic Growth in Cyber Attacks Increases Enterprise Risk
Cyber attacks have risen by six-times the usual levels over the past four weeks as the COVID-19 pandemic provides a new catalyst for attackers. Hacking and phishing attempts increased by an unprecedented 37% in a single month between February and March. Remote working has led to an equally dramatic rise in the number of servers […]
Webinar Playback: SIEM Integration for SAP
Security Information and Event Management (SIEM) systems support centralized security monitoring across networks. They ingest and analyze data from hosts, routers, switches, firewalls and other components to identify and respond to security threats. SIEM systems can ingest data directly from SAP application logs. However, direct integration is complex and laborious. It also requires high maintenance […]
Whitepaper: SIEM Integration for SAP
Download the new whitepaper for SAP-SIEM integration from Layer Seven Security. The whitepaper outlines recommended settings for the Security Audit Log, HANA audit log, and other logs to support advanced threat detection. It discusses the challenges of direct integration of SAP logs with SIEM systems in terms of complexity, log volume, maintenance, and event correlation. […]
SIEM Integration with SAP Solution Manager
Security Information and Event Management (SIEM) platforms combine the ability to collect log data from applications, hosts, routers, switches, firewalls and other endpoints with the ability to analyze events in real time. They support threat detection, event correlation and incident response with alerting and reporting capabilities. SIEM platforms require complete coverage for maximum yield. In […]