To serve the high demand for cybersecurity specialists that is caused by the growing threat situation and complexity of SAP technology, we implement and operate SAP Security & Compliance processes for our customers.
As Managed Security Service Provider (MSSP) for SAP we offer a wide range of services to advise our customers individually and specifically.
Monitoring, alerting and reporting on SAP Security & Compliance measures
Identification of vulnerabilities and threats based on SLAs & controls
Prioritisation of detected vulnerabilities & definition of mitigation plan / approach
Mitigation of detected vulnerabilities & impact analysis
Pre-defined SLAs & pre-defined SAP Security & Compliance controls
We Solve Your Todays Problems
To overcome todays challenges, we implement and operate the processes in SAP Security & Compliance for your organization and address your needs. With specialized teams we are able to advise you individually and specifically to deliver best practice solutions for securing your SAP systems landscape
Lack of know-how
Most companies lack of know-how for SAP Security & Compliance and can not keep up with the increasing threat level. smarterSec will take over the responsibility for monitoring and reporting of security- relevant activities inside your SAP landscape
Lack of resources
Most companies lack resources to continuously maintain all relevant SAP Security & Compliance measures. smarterSec can fill the gap of your limited resources with specialized consultants for SAP Security & Compliance
Limited budget
Most companies have limited budgets for SAP Security & Compliance. smarterSec offers a wide range of services that can be adjusted to your needs and budgets
Lack of responsibility
Most companies do not have defined responsibilities for SAP Security & Compliance – often side job of SAP Basis. smarterSec will take over the responsibility for monitoring and reporting of security- relevant activities inside your SAP landscape
References
We have already helped several companies to make their SAP security and compliance processes efficient and smart
“In smarterSec we have found a reliable SAP security expert and partner to certify our SAP add-on solutions regarding ABAP code security according to the BSI standard. This allows us to proactively provide our customers with proof that the security of our products is a very high priority for us and is regularly put to the test.”
Jörg Schreiber Managing Director @ integrtr GmbH
“We use the Managed Security Service of smarterSec GmbH to have the security of our products evaluated by experts before delivering to our customers and to analyze and evaluate the monthly SAP security patches. The analyses of the individual patches and the implementation or rework have always cost us a lot of time and effort in the past. We are therefore very happy to have smarterSec GmbH as a trustworthy, competent partner at our side, who monitors and ensures the security of our products and our SAP HCM system.”
Peter Pfeifer CEO @ scdsoft AG
Service Portfolio
SAP Assessments
Are your SAP systems secured properly and does your database comply with the EU General Data Protection Regulation? Our automated SAP assessments give you complete transparency in the shortest possible time, without installation or internal analysis efforts.
SAP Security Risk Assessment
Through our automated analysis, we create complete transparency about the current risks within your SAP system in the shortest possible time, without any installation or internal effort.
Our SAP GDPR Assessment offers a quick and easy check whether the current database in your SAP system complies with the regulations of the EU General Data Protection Regulation.
Our Managed Security Service Program includes continuous monitoring of SAP system landscapes, vulnerability detection and optimization services to give you full transparency and control of all security-relevant activities inside your organization.
SAP Security Monitoring
smarterSec protects your business-critical applications with a continuous security monitoring of your SAP landscape. You gain higher visibility about the security & compliance threats your organization is facing on a daily basis. We identify the potential indicators of compromise at an early stage, investigate them effectively and take appropriate actions to protect your organizations most sensitive data.
The SAP Security Monitoring service enables you to hold highest standards in SAP Security & Compliance, even without dedicated SAP Security resources with specialized know-how inside your organization. Through continuous monitoring of vulnerabilities & configuration errors, we are able to detect incidents early and to take countermeasures.
Service Overview
Continuous monitoring of your SAP system landscape
Detection of threat scenarios & alerting
Analysis, prioritization and filtering of threat scenarios
Immediate countermeasures for data protection
Build the bridge to your Secure Operation Center (SOC)
Weekly management reporting on incidents
SAP Vulnerability Detection
The SAP vulnerability detection services provide you with full transparency on the current risk situation in your SAP systems and enable you to take actions to best secure your business-critical applications. We identify areas for improvements and deliver recommendations to implement.
SAP Penetration Testing
Analyze SAP applications and determine the attack potential
The SAP penetration test analyzes the implemented security and compliance mechanisms of your SAP production or QA system. Our penetration tests focus on vulnerable configuration settings within the system and its interfaces, as well as on security flaws and compliance violations in related business applications.
List of detected security & compliance vulnerabilities
Exploits to demonstrate attack potential
Recommendations for actions
SAP Security & Compliance Audit
Analyze security & compliance flaws within your SAP systems
The SAP Security & Compliance Audit provides you a detailed overview of the security and compliance level in your SAP landscape. Every audit is by design customer specific and the exact efforts are depending on the detailed scope.
Service Overview
Scope definition & risk focus
Document & process review
Technical analysis of configuration parameters, interfaces & code
Analysis of the network architecture
List of detected security & compliance vulnerabilities
Recommendations for actions
Forensic Analysis for SAP
Assess the nature and scope of the attack
With our forensic analysis for SAP we support you after a cyber-attack to your organization, to secure your data and assess the scope of the attack. Due to our experience on attack vectors we are often able to rebuild the scenario and give evidence that can be further used for legal actions and reporting.
Service Overview
Identification of the incident
Acquistion of evidence
Preservation of the evidence
Analysis of the evidence
Documentation and presentation of the result
SAP Security Roadmap
Detect optimizations in your security & compliance processes
The SAP Security Roadmap service provides complete transparency on the current security & compliance level of your SAP system landscape as well as detailed recommendations for identified areas, where SAP security & compliance improvements should be implemented in short-, mid- and long-term.
Service Overview
Technical foundation (basic technical protection of the SAP servers)
Business layer (securing business processes)
Connectivity (securing access at the network level)
Governance (regulatory and organizational measures)
Controls (measures to ensure trouble-free operation)
SAP Security Optimization
The SAP Security Optimization services help your organization to mitigate existing vulnerabilities and improve your overall security level. smarterSec manages the complete remediation-process of detected vulnerabilities in your SAP systems, no matter if they are caused by misconfiguration, authorizations, bad coding, non-secure interfaces or missing security patches. We also help you to optimize your existing processes by implementing useful extensions into your SAP system landscape.
SAP Migitation Services
Remove vulnerabilities in your SAP systems
In mature SAP system landscapes often exist large numbers of vulnerabilities. Removing them and minimizing the resulting security & compliance risks require significant internal resources and efforts. With our SAP mitigation services, experts clean up your vulnerabilities based on best practices and give you total project safety.
Service Overview
Full service for fixing vulnerabilities at a fixed price and a fixed project duration
Total project safety based on SLA
Detail list of corrections made to the SAP system
Presentation of the results for acceptance & processing Corrections made to the SAP systems are
Process Improvements for SAP
Identify your process improvements to increase efficiency
In mature SAP system landscapes often exist large numbers of vulnerabilities. Removing them and The service identifies inefficiencies and ineffectiveness in your SAP Security & Compliance processes and delivers recommendations to optimize these processes. The focus of the service is to guide you with useful extensions to your existing processes that add long-term value to your organization.
Service Overview
Identification of improvements to your existing processes
Technical recommendations for long-term value & basis for management decision
Integration of SAP code scanner into development process (SAP Code Inspector (SCI) / SAP Code Vulnerability Analyzer (CVA), others)
Integration of SAP configuration & authorization tools (SAP Solution Manager (SolMan), SAP Early Watch Alert (EWA))
Integration of SAP Transport Management tools
Integration of SAP Monitoring tools (SAP Enterprise Threat Detection (ETD), others)
About Us
Meet the Executives
As an independent Managed Security Service Provider for SAP, smarterSec is your trusted partner in all important Security & Compliance topics to ensure your business runs secure and stable.
With our deep knowledge, we are able to deliver best practice solutions to your organization.
Thomas Kastner
Service & Support
Master degree of Business Administration and Computer Science
SAP experience since 1985
Multiple full cycle SAP Implementations (multilingual, 60 countries)
20 years of SAP (Cyber) Security and Compliance experience
Ethical hacker
Alexander Zellner
Sales & Marketing
Master degree of International Management
SAP experience since 2010
Certified Sales Professional by Miller Heiman Group
8 years sales experience in SAP (Cyber) Security and Compliance software /services
Customer management experience of small, medium and large enterprises
Sebastian Schönhöfer
Development & Service
Diploma in Business Informatics
SAP experience since 2002
Development of solutions for SAP standard products, customer-specific extensions and third-party add-ons
Project management and product development with agile methods, certified Scrum Product Owner
What Motivates Us
Customer Focus, Trust, Responsibility, Integrity
Customer Focus
We are customer-driven and focus on the needs to embrace their priorities as our own
Trust
We aim for trustful and long-lasting relationships with our customers through outstanding service within each interaction
Responsibility
We always act responsibly and ensure the safety of our people as well as the environment
Integrity
We hold the highest ethical standards and communicate with respect and cautiousness
SAP Security & Compliance in Human Resource Management
In addition to our SAP Security & Compliance portfolio, we can provide comprehensive expertise in the areas of SAP HCM & SuccessFactors together with the specialists from scdsoft AG.
Nowadays, confidential company data, especially HR data, can only be protected with a high level of knowledge and a significant amount of time due to countless and complex configuration settings of SAP systems.
WIth extensive legal requirements (GDPR), our customers are forced to invest more in the topics of data protection and data security. Improved authorization protection, protection of SAP system landscapes, monitoring of processes for security and compliance guidelines and penetration testing are nowadays no longer mandatory, but a must.
In order to serve the special security requirements in SAP HCM abs SuccessFactors, we can provide sustainable consulting services together with scdsoft AG in a strong and specialized team of experts.
For more information and blog articles on SAP Human Resource Management, please visit the website of our specialists at scdsoft.