Updates on the smarterSec Security Platform from December 2023
As the digital attack surface continues to evolve, it’s crucial to stay ahead of the curve in terms of cybersecurity. That’s why we are excited to share with you the advancements we’ve made to our platform to better protect our customers from cyber threats. In this blog series, we will continuously highlight the newest features and updates that make the smarterSec Security Platform even more powerful for safeguarding your digital assets. From enhanced threat detection to improved user experience, our improvements will help our customers to stay one step ahead of potential security breaches. Whether you’re a current user or just interested in learning more about smarterSec, this blog series is for you. Your feedback is more than welcome. So, join us as we take a closer look at the latest innovations for the smarterSec Security Platform.
If you want to dive deeper into the functionalities of the smarterSec Security Platform, you can find more information here: https://smartersec.com/smartersec-security-platform/
New features & improvements
Main feature(s)
SIEM Integration
The smarterSec Security Platform scan results can now be integrated into SIEM- systems (supporting CEF & LEEF), closing the gap between the IT landscape and the SAP landscape
- Specify a scenario or a delta of two scenarios to be fed into a SIEM-system
- Create CEF and/or LEEF-files to import into your SIEM (supporting ArcSight, QRadar Splunk, etc.)
Minor feature(s)
Encrypted Communication
- Provide encrypted communication between SAP NetWeaver Systems and the smarterSec Security Platform
- Using SAP SNC for logon (based on user name and password)
- Must have item from the category “eat you own dogfood”!
Management of Scenarios
- Now it is possible to save your test case selections in scenarios and reuse them for repeated scans
- Differentiate between public (unique, for everyone) and private scenarios (just for you)
- Can be used to document external standards like “DSAG-Prüfleitfaden” (German SAP user group test guide) or to save your individual selection of test for a demo
Search for Test Cases
- When creating a scan, you can search by test case name (or test case number) to find matching tests (try with SAP_ALL)
New user role
- User role “Editor” provided in addition to “user” and “admin”
- Editor users are allowed to maintain custom specific values for policies and test case check values e.g. adjust the requirement for default password length
Content
New Test Cases
- “Nearly SAP_ALL”: new test case reporting all users that are having a de-facto SAP_ALL, based on the ratio of their assigned authorizations. By default having more than 90% of all authorizations is regarded SAP_ALL (configurable threshold)
- Split up “Executable report without authorization group” into namespaces for SAP/3rd-party/customer
Test Case Documentation
- Added test case documentation for further 26 test cases
We will update you on our new platform features regularly here in this blog – stay tuned and give us a follow on LinkedIn to not miss any further updates!
Related topics: Managed Security Service for the smarterSec Security Platform // smarterSec Security Platform