On the upcoming webinar, Alexander Polyakov will guide you through the latest trends in SAP security in the discussion devoted to our new SAP Cyber Threat Report 2016, which has made a lot of buzz in the press lately.
Here are some takeaways that we hope will grab your attention right from the start:
The average number of security patches for SAP products per year has slightly decreased. Nonetheless, it doesn’t mean that the number of the issues has dropped too. SAP now fixes multiple vulnerabilities in one patch while 3 years ago each patch addressed a particular one. The new approach simplifies patching process since system administrators need to implement a fewer number of updates. However, it complicates analysis and correlation with CVE, as SAP doesn’t provide any public information about how many vulnerabilities every patch fixes.
The list of vulnerable platforms has extended and now it includes modern cloud and mobile technologies such as HANA. Because of cloud and mobile technologies, new SAP Systems became more exposed to the Internet and thus every vulnerability identified in these services can affect thousands of multinationals (just remember that 90% of the Fortune 2000 companies use SAP). If any of these vulnerabilities is exploited by a hacker, the world’s economy will face dreadful consequences. For example, the latest reported issues in SAP Mobile affect more than a million of mobile devices and SAP HANA vulnerability affects 6000+ SAP HANA users.
There are vulnerabilities in almost every SAP module; CRM, EP, and SRM are leaders among them. Without a doubt, cybersecurity level varies from module to module. According to our study, the most vulnerable products are CRM, EP, and SRM. However, one shouldn’t underestimate vulnerabilities affecting SAP HANA and SAP Mobile apps. The traditional SAP modules like ones mentioned before were introduced about two dozens of years ago, but the first vulnerabilities were discovered just several years ago, i.e. SAP HANA and SAP Mobile apps attracted researchers’ (and, unfortunately, hackers’) attention quicker than the traditional ones.
Get report now
You can easily access the report download by following the link
Europe, Middle East, Asia
Tue, Aug 30, 2016 10:00 AM – 11:00 AM CEST
Americas, Asia Pacific
Tue, Aug 30, 2016 10:00 AM – 11:00 AM CDT