A partner account manager can help. Contact us today.
Interest in SAP security is growing exponentially and the numerous attacks play a significant role in driving this interest. Take, for example, recent breaches revealed in SAP system of a government contractor USIS. Most leading analyst firms such as Gartner and IDC agree that traditional solutions can’t help when it comes to securing ERP systems that so often become targets for attacks. SAP systems and business-critical applications store the most critical corporate data that can at some point be used for espionage, sabotage or fraud purposes.
SAP is more like a framework where at least 50% of code is customized by client. Unfortunately, because of extreme complexity and the high level of customization SAP is vulnerable to many attacks. What's more important, sometimes developers intentionally create backdoors, and those backdoors can be used to steal money from the company or perform other fraudulent actions. Given the complexity of ABAP and JAVA component it’s very likely that developers may have just overlooked vulnerabilities.
Another fact to consider is that it’s almost impossible to automate the processes related to source code security.
We offer you a SAAS Solution which will not only find issues but analyze risks, correlate data, conduct checks for false-positives, provide you with patches and attack signatures. There’s no need to run complex tools anymore.
Our solutions don’t have all those limitations. On the contrary, apart from the fact that we managed to overcome limitations, there are some features that make source code scanning more flexible than ever before. For example, whenever a vulnerability is found we can create a signature which will be exportable to IDS/IPS solutions of our partnering vendors such as CISCO and CheckPoint. After this signature is uploaded you’ll be secured from potential attacks even without changing a single line of code. It’s called Virtual Patching.
There are several options for scanning SAP code, designed to suite your needs:
You can get scan results in different forms depending on selected option.
"We would like to thank the world-class security experts of ERPScan for the highly qualified job performed to help us assess the security of our pre-release products."
"We're thrilled to recognize next-generation innovation in the information security marketplace and that's why ERPScan has earned this award from Cyber Defense Magazine. Some of the best INFOSEC defenses come from these kinds of forward thinking players who think outside of the box."
Contact us today.