What Is SAP GRC? SAP Governance, Risk, and Compliance (S...
SAPinsider Cybersecurity Threats Report: Key Insights Part 2
While the key finding in part one of this SAP insider series discussed how to keep your SAP landscape properly patched and configured, part two, in our three-part series, is about the risks ABAP custom code creates across SAP landscapes and how to address that risk.
Part 2: Key Insight | SAP Custom Code is a Serious Security Concern
The recently published SAPinsider Cybersecurity Threats to SAP Systems benchmark report had much to say about how the cybersecurity landscape has shifted over the past year. However, the report showed that securing custom code was still one of the top three challenges facing SAP customers.
Many companies extend their SAP ERP platform with their own code in order to fulfill specific business requirements. While the code might satisfy business needs, it can create security blind spots and leave your SAP systems vulnerable.
Download the Report: SAP insider Cybersecurity Threats to SAP Systems
Overcoming Code Vulnerabilities with SAST Solutions (now a part of Pathlock)
SAST Solutions, recently acquired by Pathlock, is a leading provider of security solutions for SAP ECC and SAP S/4HANA systems. SAST Solutions has a proven reputation for securing SAP landscapes by enabling large and small companies to detect anomalies and prevent hacking attacks, system manipulation, and data theft. To keep their customers safe and productive, they offer the SAST SUITE solution, which includes Code Vulnerability Analyses. The SAST SUITE automates the testing of ABAP programs for vulnerabilities. It can also be combined with professional services to efficiently correct and clean any risky code.
The SAST SUITE identifies security gaps using a proprietary set of coding patterns. These coding patterns, or security rules, quickly identify code that is either in development or production that does not conform to ABAP recommended coding practices. SAST SUITE not only allows you to periodically check all code but, over time, it improves the quality of your code because it can be integrated into your software development lifecycle (SDLC).
Once code-related security risks are identified, Pathlock’s SAP security consultants recommend strategies for SAP administrators to apply that will close those security risks without restricting your productive operations.
Pathlock Merger Update
Pathlock recently joined forces with multiple companies through a series of mergers and acquisitions to become the industry’s leading provider of Access Governance and Application Security. Learn more
Next Blog: SAP insider Cybersecurity Threats Report: Key Insights Part 3