Managed Security Service for the smarterSec Security Platform

Monitoring of security-relevant activities in your SAP system landscape

SAP Security Monitoring & Vulnerability Management for the smarterSec Security Platform

With our Managed Security Service for the smarterSec Security Platform, we offer you a comprehensive security monitoring of your SAP system landscape in order to identify and eliminate vulnerabilities and to ensure full transparency and control over all security-relevant activities within your organization.

The Managed Security Service generally includes, but is not limited to the following services:

Implementation

  • Installation of the smarterSec Security Platform (cloud or on-premise)
  • Connection of the SAP systems
  • Configuration of the platform (selection of testcases and alignment of internal policies)

Analysis

  • Initial security, compliance and GDPR analysis
  • Presentation of the most critical results
  • Recommendations for action to mitigate vulnerabilities

Security Operation

  • Continuous security, compliance and GDPR analysis
  • Alerting of critical events (zero-day exploits)
  • Reporting and trending including delta
  • Security stategy meetings

Service description

Installation of the smarterSec Security Platform

Whether you want us to operate the smarterSec Security Platform in the cloud (hosted by smarterSec on German servers) or on-premise in your IT environment, we realize the full installation and initial setup to become operational.


Connection of the SAP sytems

After the initial installation, we ensure a smooth connection of the licensed SAP systems in scope and provide the neccessary SAP role(s) with pre-defined authorizations to enable scanning.

Please refer to smarterSec Security Platform to get an overview of all SAP infrastructure components that can be analyzed and monitored.


Configuration of the platform

Another important aspect of our Managed Security Service is the configuration of regular scan cycles. The scan cycles are customized according to your compliance requirements or executed according to predefined standards, which include specifications of various acknowledged industry standards. We can customize the scan cycles for each individual scan and run them at any defined frequency.


Initial security, compliance and GDPR analysis

To ensure that the Managed Security Service is perfectly tailored to your needs, we perform a complete initial analysis for all SAP systems in scope. The analysis includes the identification of security & compliance vulnerabilities as well as potential risks through non-compliance GDPR data.


Presentation of the most critical results

The most critical results of the initial analysis will be presented in a 2-hour meeting, explaining the risks behind the identified vulnerabilities. In certain cases we build exploits to highlight the criticality of dedicated vulnerabilities in your SAP systems.


Recommendations for action to mitigate vulnerabilities

For every identified security vulnerability and compliance risk, we give recommendation with guidelines on how to remediate the vulnerabilities and risks inside your SAP systems. We also give mitigation advices to tackle “low-hanging fruits” – vulnerabilities and risks that do not require a lot of time to mitigate but have a high impact on the system security and compliance.


Continuous security, compliance and GDPR analysis

In the daily security operation, we continuously monitor all connected SAP systems within your landscape for vulnerabilities and threats. The defined scan cycles are customized according to your internal requirements or executed according to predefined best practices. We also provide our customers with technical support at all times, ready to answer any questions and provide assistance to ensure the security of the customer’s SAP systems at all times.


Alerting of critical events (zero-day exploits)

In case of zero-day exploits, we proactively inform the responsibles on customer side and advice to take action. Most of the times, we are already aware of new exploits in the SAP ecosystem before they are publicly announced.


Reporting and trending (incl. delta)

As a customer, you receive regular reportings on all security- and compliance-related activities that took place in the SAP system landscape during a pre-defined time frame (weekly, monthly, quarterly). These reports are produced in an understandable format and contain a summary of the most important events, vulnerabilities and recommendations for mitigation of security vulnerabilities and compliance risks. The reporting consists of the following:

  • Detailed security audit report (word)
  • Management summary (PDF)
  • Test case details as CSV or JSON
  • Delta analysis for defined time frame (customizable)


Security Strategy Meetings

In quarterly security strategy meetings we will highlight the overall security and compliance status of your SAP system landscape and discuss the next mitigation steps. During these meetings, we will provide specific guidance and act as a trusted advisor to answer all your questions.

Our SLAs ensure that the services provided meet the needs and requirements of our customers. The SLAs cover availability as well as response times to requests and more. Predefined SLAs are an important part of ensuring smooth cooperation with our customers and providing consistently high quality services.


In summary, the Managed Security Service with smarterSec Security Platform offers a comprehensive security package that provides you with continuous monitoring of your SAP system landscape, detection and mitigation of vulnerabilities as well as transparent control over all SAP security- and compliance-related activities within the organization.


Your benefits at a glance

  • Continuous and automated monitoring of security- and compliance-relevant activities in your SAP system 
  • Pre-defined reporting cycles on new vulnerabilities and changes within the SAP system (trending)
  • Recommendations for action to remediate the vulnerabilities found and optimize the SAP system
  • Flexible adaptation of guidelines to customer policies
  • No installation or upgrades, no hardware and no internal analysis efforts

Contact us today and let’s build a secure future for your SAP system landscape together!

Related topics: smarterSec Security Platform // Managed Security Service for SAP Enterprise Threat Detection

Contact

smarterSec GmbH
Managed Security Service Provider for SAP®

Albert-Nestler-Str. 21, 76131 Karlsruhe
Germany

+49 (0) 721 160 800-0
info@smartersec.com

Follow Us on Social Media