ERPScan Announces Threat Map to Simplify Protection of SAP Systems at the Gartner Security & Risk Management Summit
SAP Cybersecurity was an important topic for years but now it deserves increased attention. An SAP system introduces more risks than businesses assume. In the era of growing number of connected devices, which provide access to the system from anywhere, network and organizational boundaries are blurring. So an SAP software is changing. From a legacy system available only inside the company and known by financial&HR departments, it has transformed into a global IT platform with Cloud&Mobile features and 300k+ customers interconnected into a global chain. Another reason is that attackers have shifted their focus; instead of hacking endpoints, they target business applications - since 2012, cyberattacks on SAP occur annually.
Besides, according to the ERP Cybersecurity Survey 2017, 89% of security professionals anticipate that the number of attacks on SAP systems will increase. The average damage of an SAP breach is estimated at $5 million.
Only the cutting-edge technologies can protect SAP systems from the sophisticated threats. ERPScan is happy to announce the latest enhancements to its flagship product, ERPScan Security Monitoring Suite, that are focused on improving visibility&risk prioritization based on overall impact.
A new patent-pending technology dubbed Threat Map is aimed to optimize protection of SAP applications by providing a scheme of all interconnected SAP systems within an organization and their security issues. Threat Map automatically identifies potential attack vectors and, unlike traditional tools which can provide only network topology, creates an interactive map of attacks on the application layer.
ERPScan's advanced algorithm calculates all possible attack paths (via unpatched vulnerabilities, misconfigurations, default passwords) and presents them as a map.
A common SAP installation is a dozen of Systems with hundreds of connections. The tool can predict a typical attack scenario when hackers break into a non-productive system, decrypt a password and use it in another system responsible for the core business.
A customer will also receive a list of systems sorted by the remediation priority status – a unique metric combining criticality of SAP System, criticality of all connected systems, the number and weight of all the system's connections and the number and severity of vulnerabilities in the selected system. The listed features help find the weakest link to be patched first.
We welcome all attendees to visit our booth 1032, have a look at the updates and receive a free copy of SAP Cybersecurity Framework based on Gartner's PPDR Framework, which can help align SAP Cybersecurity into overall Cybersecurity initiative.
About the Gartner Security&Risk Management Summit
The premier gathering of security, risk management, and business continuity management leaders, the Gartner Security & Risk Management Summit delivers the insight organizations need to secure a digital business future. The comprehensive agenda addresses the latest threats, flexible new security architectures, governance strategies, the chief information security officer role, and more. The summit offers a unique opportunity to reinvent security and risk for the digital age, based on Gartner's trusted independent research and practical recommendations.