ERPScan extends support for new ISACA and DSAG SAP Security Guidelines

Palo Alto, CA – November 25, 2015 Recently updated ERPScan Security Monitoring Suite for SAP now provides special templates to comply with the latest security guidelines from DSAG and ISACA.

ERPScan Security Monitoring Suite for SAP is acknowledged as the only solution to cover three crucial aspects of ERP security – identification, analysis, and remediation of vulnerabilities, custom code issues and SoD violations. The functionality of the revamped solutions includes special checks against the newest versions of guidelines developed by ISACA and DSAG.

ISACA is an international association of professionals in information security, assurance, risk management and governance. DSAG (The German-speaking SAP User Group) aims to encourage the exchange of experiences and knowledge among SAP customers as well as with SAP. Both ISACA and DSAG are focused on providing best SAP security practices to proactively mitigate SAP security risks. As a part of this mission, ISACA and DSAG update their guidelines on the regular basis to keep SAP customers up to date with the latest security threats and ways to remediate them.

ISACA’s Security, Audit and Control Features SAP ERP has been renewed recently. The 4th edition includes the following new features: risk, controls and assessment techniques to audit SAP FI/CO, HCM, BASIS, an overview of the SAP GRC Suite, updated Sarbanes-Oxley control objectives, and a list of sensitive tables and transaction codes.

DSAG provides a set of recommendations covering all security areas from technical configuration and source code to access control and management procedures.The latest version was released in May 2015.

The implementation of all those checks requires a lot of time and resources, as the significant part of them has to be done manually. Fortunately, all these checks are already available in ERPScan Security Monitoring Suite for SAP.

ERPScan Security Monitoring Suite for SAP simplifies achieving the compliance with different guides, standards, and best practices by regular automatic checks. Moreover, our solution constantly monitors what happens in the SAP Security area and adds checks from the latest versions of SAP Security guidelines regularly.

– adds Alexander Polyakov, CTO at ERPScan.

ERPScan makes it easy to meet requirements included in the most credible and renowned SAP Security guides, constantly monitors updates and takes into account all the changes.

About ERPScan

ERPScan is the most respected and credible Business Application Security provider. Founded in 2010, the company operates globally and enables large Oil and Gas, Financial and Retail organizations to secure their mission-critical processes. Named as an ‘Emerging Vendor’ in Security by CRN, listed among “TOP 100 SAP Solution providers” and distinguished by 30+ other awards, ERPScan is the leading SAP SE partner in discovering and resolving security vulnerabilities. ERPScan consultants work with SAP SE in Walldorf to assist in improving the security of their latest solutions.

ERPScan’s primary mission is to close the gap between technical and business security, and provide solutions to evaluate and secure SAP and Oracle ERP systems and business-critical applications from both, cyber-attacks as well as internal fraud. Usually our clients are large enterprises, Fortune 2000 companies and managed service providers whose requirements are to actively monitor and manage security of vast SAP landscapes on a global scale.

We ‘follow the sun’ and function in two hubs, located in the Palo Alto and Amsterdam to provide threat intelligence services, agile support and operate local offices and partner network spanning 20+ countries around the globe.