Attacks on ERP systems became a very hot topic, especially after the USIS data breach happened because of an SAP vulnerability. Analysts from different firms such as Gartner, 451 Research, IDC, KuppingerCole, and Quocirca agreed on the significant importance of ERP systems security and lack of this functionality in traditional tools.
Splunk is the leading software platform for real-time operational intelligence, enabling organizations to search, monitor, analyze, and visualize machine-generated big data coming from websites, applications, servers, networks, sensors, and mobile devices. ERPScan Security Monitoring Suite for SAP and Oracle gathers security information about vulnerabilities, misconfigurations, source code issues, and SoD violations you need to fight. Essentially, as a part of the integration all vulnerabilities, misconfigurations, source code security issues and SoD violations from SAP and Oracle enterprise systems detected by the ERPScan Security Monitoring Suite can be continuously monitored in Splunk Enterprise for more complete security analysis of the entire infrastructure with respect to Oracle and SAP Security.
The integrated solution combines ERPScan Security Monitoring Suite and Splunk Enterprise to provide vulnerability management and incident detection data. It enables operations security professionals to detect, investigate, and respond to security threats more quickly and effectively.
Vulnerability and configuration information from Distributed ERPScan instances feeds into the Splunk software thus users can create alerts, raise alarms, or take other operational actions when attacks are happening on assets affected by vulnerabilities. This gives security specialists a deeper insight about the current risk state of organizations.
CISOs want to easily manage their systems from 2-3 key platforms such as SIEM, GRC, and ITSM; our goal is to help them solve this task. With the partnership, we continue our global strategy to integrate both with the key players in the security market and promising startups in the industry to build an SAP Security ecosystem.
- says Alexander Polyakov, CTO at ERPScan.
The integration allows extending Splunk Enterprise functionality to monitor SAP NetWeaver ABAP security, SAP NetWeaver JAVA security, SAP HANA Security, SAP BusinessObjects security, SAP Mobile Platform security, SAP Afaria Security, SAP Plant Connectivity Security, Oracle Database Security, Oracle PeopleSoft security, and all applications and industry solutions based on the listed platforms.
What you can gain from the integrated solution:
Get unlimited scalability. Manage Business Application Security from a single place, where you can accumulate, analyze, and report the most comprehensive ERP security information from multiple data centers across the world. Analyze vulnerabilities across services, landscapes, locations, business units etc. or check what assets are more prone to danger in terms of compliance with regulations.
Save time on daily operations. Manage risks at the enterprise level by integrating information from 7000+ configuration checks and 3000+ vulnerability checks from every SAP and Oracle system in one place with context-based correlation and advanced reporting from Splunk.
Perform In-depth investigations. Add invaluable context from ERPScan’s data about specific application vulnerabilities in ERP, SRM, CRM, HR, and Industry solutions from SAP and Oracle to OS and Network security events and data collected by Splunk. Obtain additional security information about each asset, e.g. ports, services, applications, users, vulnerabilities, and risks.
ERPScan is the most respected and credible Business Application Security provider. Founded in 2010, the company operates globally and enables large Oil and Gas, Financial and Retail organizations to secure their mission-critical processes. Named as an ‘Emerging Vendor’ in Security by CRN, listed among “TOP 100 SAP Solution providers” and distinguished by 30+ other awards, ERPScan is the leading SAP SE partner in discovering and resolving security vulnerabilities. ERPScan consultants work with SAP SE in Walldorf to assist in improving the security of their latest solutions.
ERPScan’s primary mission is to close the gap between technical and business security, and provide solutions to evaluate and secure SAP and Oracle ERP systems and business-critical applications from both, cyber-attacks as well as internal fraud. Usually, our clients are large enterprises, Fortune 2000 companies and managed service providers whose requirements are to actively monitor and manage security of vast SAP landscapes on a global scale.
We ‘follow the sun’ and function in two hubs, located in the Palo Alto and Amsterdam to provide threat intelligence services, agile support and operate local offices and partner network spanning 20+ countries around the globe.
About Splunk Enterprise
Splunk Enterprise makes it simple to collect, analyze and act upon the untapped value of the big data generated by your technology infrastructure, security systems and business applications—giving you the insights to drive operational performance and business results.
By monitoring and analyzing everything from customer clickstreams and transactions to security events and network activity, Splunk Enterprise helps you gain valuable Operational Intelligence from your machine-generated data. And with a full range of powerful search, visualization and pre-packaged content for use-cases, any user can quickly discover and share insights.