ERPScan Listed as a Sample Vendor in Gartner’s Hype Cycle for Application Security

Palo Alto, CA – September 6, 2017 ERPScan, a leading provider of SAP and Oracle application cybersecurity solutions and services, today announced that it has been identified as a sample vendor in the Gartner “Hype Cycle for Application Security 2017” report [1] for the emerging category of Business-Critical Application Security as well as for mature Static Code Analysis category with its innovative Security Monitoring Suite for SAP and PeopleSoft applications.

The research segmented Business-Critical Application Security as a separate category for the first time ever. We believe there are several reasons behind this game-changing acknowledgment. Business software is increasingly exposed to the Internet so that financially motivated attackers are targeting ERP, CRM, HR, and other business applications now more than ever. So, according to ERP Cybersecurity Survey 2017, the 89% of security experts anticipate that the number of cyber-attacks against ERP systems will grow in next 12 months.

The consequences of attacks against ERP systems can be disastrous as an average cost of an SAP security breach is estimated at up to $10m, the ERP Cybersecurity Survey 2017 states.

By definition, business-critical application security applies to applications critical to the functioning of the business. Downtime of the core ERP system of an enterprise can be catastrophic. Outages and theft caused by hackers should be viewed as critical as downtime caused by hardware or software failures.

– Gartner analyst Neil MacDonald mentions in the report.

It’s an honor for us to be listed as a Sample Vendor. We are also pleased that the security of the business critical applications was finally recognized by the leading analyst firm as it validates the importance of this area. We started our work of improving the security of business applications 10 years ago and now we are witnessing that the state of business-application security is getting better but there is still a lot of work left to go. Of course, some companies have already taken their first steps toward business application protection, but for now, it looks like disintegrated actions instead of required strategic approach

– commented Alexander Polyakov, CTO at ERPScan.

ERPScan recommends that SAP Customers apply a comprehensive approach to Business-Critical Application Security, which balances traditional defensive mechanisms and proactive measures. To solve this problem, ERPScan introduced SAP Cybersecurity Framework following a Predict, Prevent, Detect and Respond (PPDR) Model designed by Gartner.

Join the “How to prevent SAP security incidents?” webinar and learn how to how to minimize the attack surface area and halt malefactors before they breach your company.

[1] Gartner, Hype Cycle for Application Security, 2017, Published: 28 July 2017 ID: G00314199, Analyst(s): Ayal Tirosh


Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About ERPScan

ERPScan is the most respected and credible Business Application Cybersecurity provider. Founded in 2010, the company operates globally and enables large Oil and Gas, Financial, Retail, and other organizations to secure their mission-critical processes. Named an ‘Emerging Vendor’ in Security by CRN, listed among “TOP 100 SAP Solution providers” and distinguished by 30+ other awards, ERPScan is the leading SAP SE partner in discovering and resolving security vulnerabilities. ERPScan consultants work with SAP SE in Walldorf to assist in improving the security of their latest solutions.

ERPScan’s primary mission is to close the gap between technical and business security, and provide solutions for CISOs to evaluate and secure SAP and Oracle ERP systems and business-critical applications from both, cyberattacks and internal fraud. Our clients are large enterprises, Fortune 2000 companies and managed service providers whose requirements are to monitor and manage security of vast SAP and Oracle landscapes on a global scale.

We function in two hubs, located in Palo Alto and Amsterdam to provide threat intelligence services, agile support and operate local offices and partner network spanning 20+ countries.