Top Banner
SMART CYBERSECURITY PLATFORM DETECT CYBER ATTACKS & UNUSUAL BEHAVIOR IN SAP SYSTEMS & RESPOND TO THEM PROBLEM SOLUTION UNIQUE FUNCTIONS WHY ERPSCAN?
4

DETECT CYBER ATTACKS & UNUSUAL BEHAVIOR IN SAP …...Anton Chuvakin, Research VP, Gartner PROBLEM ... by an SAP vulnerability in the USIS system that had a grave impact on the company’s

Aug 10, 2020

Download

Documents

dariahiddleston
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Page 1: DETECT CYBER ATTACKS & UNUSUAL BEHAVIOR IN SAP …...Anton Chuvakin, Research VP, Gartner PROBLEM ... by an SAP vulnerability in the USIS system that had a grave impact on the company’s

SMART CYBERSECURITY

PLATFORM

DETECT CYBER ATTACKS & UNUSUAL BEHAVIOR IN SAP SYSTEMS & RESPOND TO THEM

PROBLEM

SOLUTION

UNIQUE FUNCTIONS

WHY ERPSCAN?

Page 2: DETECT CYBER ATTACKS & UNUSUAL BEHAVIOR IN SAP …...Anton Chuvakin, Research VP, Gartner PROBLEM ... by an SAP vulnerability in the USIS system that had a grave impact on the company’s

Some vulnerabilities cannot be easily patched, which leaves business systems open to attacks. Moreover, there are always unidentified ‘0-day’ vulnerabilities to contend with. Thus, to minimize risks, enterprises also need to monitor potential attacks. The challenging part being, there are so many different formats for different SAP logs generating so many events, making it next to impossible to configure the collection of all events manually into one centralized point for managing the security of the most critical applications. What is more important, even if all logs are stored in one place, you need to know what kind of security data you are looking at. You need an Intelligence – a brain for your system. And finally, you do not want to deal with all this data; all you want is to respond to those attacks in close to real time.

DETECT CYBER ATTACKS & UNUSUAL BEHAVIOR IN

SAP SYSTEMS & RESPOND TO THEM

SYSTEM COMPLEXITY

LACK OF RESOURCES

BACKWARD COMPATIBILITY

As attackers compromise the ever-expanding sections of organizations' networks, retain long-term access, and venture deeper into corporate IT Resources, the attacks on ERP Systems are anticipated to increase.

Anton Chuvakin, Research VP, Gartner

PROBLEM

SOLUTION

In recent years, attacks on ERP systems have become a very hot topic. Numerous security breaches that got media coverage catalyzed the growth of public interest. One of these events was the USIS data breach caused by an SAP vulnerability in the USIS system that had a grave impact on the company’s future: a half year later the USIS went bankrupt.

Analysts from various firms such as Gartner, IDC, KuppingerCole, and Qoucirca agreed on the significant importance of ERP security as well as on lack of this functionality (e.g. security scanners, SIEM, and breach detection mechanisms) in traditional systems. Another proof of the importance of ERP security is that it was given its own section in the latest issue of the Gartner Hype Cycle.

SAP systems and other business-critical applications store the most critical corporate data that is constantly threatened by espionage, sabotage, and fraud. Given the above, it comes as no surprise that 89% of surveyed businesses anticipate that the number of attacks will increase. They also estimate an average damage of an ERP security breach at $5 million. Fraudulent actions were considered the costliest to deal with (up to $10 million in damages).

Vulnerability Management process for Large Enterprises with hundreds of business applications involves several challenges in patching, such as:

2

SMART CYBERSECURITY

PLATFORM

SMART CYBERSECURITY PLATFORM

Page 3: DETECT CYBER ATTACKS & UNUSUAL BEHAVIOR IN SAP …...Anton Chuvakin, Research VP, Gartner PROBLEM ... by an SAP vulnerability in the USIS system that had a grave impact on the company’s

Unlike other SAP Security solutions, ERPScan is the only one on the market certified by SAP SE that can identify all the types of issues: not only vulnerabilities and misconfigurations but also custom code issues and SoD violations.

We use patent-pending machine learning techniques to detect insider threats and cyber attacks with maximum efficiency to save your time. That is what makes our solution smart. Moreover, taking into account that ERPScan Smart Cybersecurity Platform for SAP is role-specific and role-flexible at the same time, it perfectly serves its purpose for different roles, from engineer to CISO, with tailored interfaces by user roles and generates over 100 dashboards to fit the requirements of every seasoned and demanding user. Still not it? Smart Cybersecurity Platform for SAP is equipped with an embedded request constructor enabling a user to get an answer to any question regarding the security of the SAP landscape.

ASSESS enables security engineers to identify all types of issues including vulnerabilities, custom code issues, and SoD violations.

DETECT helps SOC team to detect cyber attacks, threats, and malicious user activity.

PREVENT makes it easier for BASIS and ABAP teams to fix issues and implement virtual patches.

RESPOND provides Incident Response team with quick notifications about new security-related events and changes in SAP systems.

MONITOR gives C-level executives and managers a clear and comprehensive picture with the help of hundreds of dashboards and a search engine.

UNIQUE FUNCTIONS

SMART CYBERSECURITY PLATFORM

We have a solution – SMART CYBERSECURITY PLATFORM FOR SAP with a set of Modules providingPredictive, Preventive, Detective, and Responsive capabilities.

SOLUTION

Prevent Module is responsible for virtual patching.

Assess Module identifies security issues, vulnerabilities, and misconfigurations.

PROVIDES HIGH-LEVEL ANALYSIS AND MONITORING WITH THE HELP OF MACHINE LEARNING.

Detect Module detects any possible attack or unusual activity by collecting, normalizing and analyzing SAP Security events generated by different SAP applications from ERP to HANA. These events include potential threats, attacks using exploits, critical actions, and anomalous user behavior.

Respond Module helps to make notifications to external systems.

3SMART CYBERSECURITY PLATFORM

Page 4: DETECT CYBER ATTACKS & UNUSUAL BEHAVIOR IN SAP …...Anton Chuvakin, Research VP, Gartner PROBLEM ... by an SAP vulnerability in the USIS system that had a grave impact on the company’s

ERPScan’s solutions continued to break new ground within the past year, benefiting its customers around the globe, and we’re excited to have them featured on our top companies list.

ASSESS

DETECT

PREVENT

RESPOND

VMCodeSoD

IncidentsChangesNotifications

CorrectVirt.Patch

0-day

AttacksThreats

User Behavior

MONITOR

ERP CRM SRM HANA BOBJ Mobile

SAPAdmin

RiskManager CISO ABAP

Developer Pentester

Harvi Sachar, Publisher and Founder, CIOReview

WHY ERPSCAN?

ERPScan is the most respected and credible Business Application Cybersecurity provider. Founded in 2010, the company operates globally and

enables the Fortune Global 2000 companies to secure their mission-critical processes. ERPScan’s primary mission is to close the gap between technical and

business security and to provide smart (AI-based) solutions to assess and protect ERP systems and business-critical applications from both cyber attacks and internal fraud.

ERPScan is featured in Gartner MQ for Application Security, named as an ‘Emerging Vendor’ in Security by CRN, listed among “TOP 100 SAP Solution providers” and distinguished by 40+ other awards.

We ‘follow the sun’ and function in two hubs, located in Palo Alto and Amsterdam, to provide threat intelligence services and agile support, and operate local offices and a partner network spanning 50+ countries around the globe.

The company’s expertise is based on the research subdivision of ERPScan. Experts have been interviewed by leading media resources and specialized InfoSec publications worldwide. These include Forbes, The Guardian, Wired, Vice, Business Insider, and Reuters, to name a few.

It has received multiple acknowledgments from the largest software vendors such as SAP, Oracle, Microsoft, IBM, VMware, and HP for exposing more than 500 vulnerabilities in their solutions.

4

SMART – ERPScan detects attacks using machine learningand signatures, thus eliminating 95% of noise.

NONINTRUSIVE – no additional agents are required to be installed on your SAP.

HOLISTIC – detect VM, Code, and SoD issues.

ALL IN ONE – Assess, Prevent, Detect, and Respond capabilities.

ROLE-TAILORED – hundreds of dashboards and a search engine to fit precise needs.

RESEARCH-DRIVEN – 10000+ security checks.

SMART CYBERSECURITY PLATFORM