How SAP Security Dashboards are changing the work of Dürr IT Service GmbH.
www.durr-group.com
Internal use only
WELCOME!
Your hosts today:
▪ Alexander Wirth, Global IT, Dürr IT Service GmbH
▪ Ralf Kempf, CTO, SAST SOLUTIONS - Part of Pathlock
© Dürr AG, How SAP Security Dashboards are changing the work of Dürr IT Service GmbH
Agenda
1. Presentation
2. Initial Situation of Dürr IT Service GmbH
3. Aspects of SAP Security (SAST SOLUTIONS)
4. Security Analyses and Visualization in the Dashboard
   ◼ Time-related
   ◼ Period-related
5. Take Home Messages
Dürr Group: 3 global brands
▪ Sales 2021: €3.3 billion
▪ Employees 2021: around 17,800
▪ 116 locations worldwide
Dürr AG, Carl Schenck AG, Dürr Systems AG, HOMAG Group AG
Dürr IT Service GmbH
Globally operating Group of Companies - Global IT
▪ Global IT as central IT Service Provider for the Dürr Group
▪ 370 employees worldwide
▪ 100 national companies are supported by Global IT
▪ SAP Basis as part of Operational IT, responsible for the secure operation of around 60 SAP systems
▪ Hybrid system landscapes in on-premise operation, hosting and cloud
Initial situation of Dürr IT Service GmbH
Independent pentest to determine the as-is situation
Derivation of suitable measures
▪ Creating security awareness among all employees
▪ Definition of a security baseline
▪ Hardening of the SAP systems
▪ Connection to a cross-application SIEM tool
Create new processes
▪ Monthly SAP Security Patch Management
▪ Cyclical testing of the security baseline (monthly, weekly and daily)
▪ Real-time monitoring of background activities
▪ Establishment of a SIEM / SOC team
Result: Permanent optimization of holistic system security necessary!
Vendor selection of Dürr IT Service GmbH
Why the SAST Team is the right Partner and the Suite is the right Tool.
Target: Procurement of a tool that supports the hardening of the system landscapes on the basis of policies but also allows individual adaptations
Selection criteria
▪ Possibility of regular auditing of the systems including trend detection
▪ Display of incoming and outgoing connections on the SAP systems
▪ Central entry point for overview of system security (parameters, authorizations, log files, security notes, ...)
▪ Security real-time monitoring of log files
  - Alerting for potentially critical activities
  - Possibility of forwarding to existing SIEM tool
Holistic SAP Security Consideration
Cyclic checks interacting with real-time threat detection
[Figure: real-time and cyclic analyses shown alongside the Enterprise SIEM/SOC Solution]
Real-time:
▪ Real-time threat detection
▪ Change and process management
▪ Protocol and behavioral analyses
Cyclic (Q1, Q2, Q3, Q4, ...):
▪ Vulnerability and authorization search
▪ Configuration of the SAP landscape
▪ Users and permissions
SAP Security and Compliance at a glance
Regular analyses to support internal control systems (ICS)
Hardening Project to minimize Risk
[Figure: a series of ACTUAL-state snapshots compared against the TARGET state, each covering System Settings, Permissions, User Accounts, Network, Database, Operating System and ABAP Coding]
Steps shown:
1. Define Audit Requirements (legal, internal)
2. Initial System Landscape Analysis
3. Cyclic internal Testing (e.g. ICS)
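The actual-versus-target comparison of the hardening project, together with the trend detection asked for in the selection criteria, as an added Python example; this is not code from the deck or from SAST Suite, and the check names, rules and snapshot values are constructed sample data:

```python
"""Cyclic baseline check with trend detection.

Added example, not code from the deck or from SAST Suite. It assumes the
TARGET state is a dict check -> (area, rule, expected) and that each audit
cycle delivers an ACTUAL snapshot as check -> observed. All names are constructed.
"""
from dataclasses import dataclass, field

# Constructed TARGET state across the seven areas of the hardening project.
# rule "min": observed >= expected, "max": observed <= expected, "eq": equal
TARGET = {
    "login/min_password_lng":          ("System Settings", "min", 12),
    "login/fails_to_user_lock":        ("System Settings", "max", 5),
    "users_with_sap_all_profile":      ("Permissions", "max", 0),
    "standard_users_with_default_pwd": ("User Accounts", "max", 0),
    "gateway_acl_maintained":          ("Network", "eq", True),
    "db_admin_default_pwd_changed":    ("Database", "eq", True),
    "os_security_patches_current":     ("Operating System", "eq", True),
    "custom_code_critical_findings":   ("ABAP Coding", "max", 0),
}
RULES = {"min": lambda o, e: o >= e, "max": lambda o, e: o <= e, "eq": lambda o, e: o == e}

@dataclass
class CycleResult:
    cycle: str
    failed: set = field(default_factory=set)   # checks that violate the baseline
    missing: set = field(default_factory=set)  # checks with no evidence in the snapshot
    total: int = 0

    def compliance(self) -> float:
        """Share of baseline checks passed; a missing check counts as a finding."""
        return round(100.0 * (self.total - len(self.failed) - len(self.missing)) / self.total, 1)

    def by_area(self) -> dict:
        """Findings grouped by area, the view a dashboard tile would show."""
        areas = {}
        for name in self.failed | self.missing:
            areas.setdefault(TARGET[name][0], []).append(name)
        return {a: sorted(v) for a, v in sorted(areas.items())}

def evaluate(target: dict, actual: dict, cycle: str) -> CycleResult:
    res = CycleResult(cycle, total=len(target))
    for name, (_area, rule, expected) in target.items():
        observed = actual.get(name)
        if observed is None:
            res.missing.add(name)
        elif not RULES[rule](observed, expected):
            res.failed.add(name)
    return res

def trend(prev: CycleResult, cur: CycleResult) -> dict:
    """Delta between two cycles: what got fixed, what regressed, score change."""
    prev_bad, cur_bad = prev.failed | prev.missing, cur.failed | cur.missing
    return {"fixed": sorted(prev_bad - cur_bad),
            "regressed": sorted(cur_bad - prev_bad),   # passed last cycle, fails now
            "delta": round(cur.compliance() - prev.compliance(), 1)}

# Constructed ACTUAL snapshots for two audit cycles.
Q1 = {"login/min_password_lng": 8, "login/fails_to_user_lock": 5,
      "users_with_sap_all_profile": 3, "standard_users_with_default_pwd": 1,
      "gateway_acl_maintained": False, "db_admin_default_pwd_changed": True,
      "os_security_patches_current": True, "custom_code_critical_findings": 0}
Q2 = {"login/min_password_lng": 12, "login/fails_to_user_lock": 5,
      "users_with_sap_all_profile": 0, "standard_users_with_default_pwd": 0,
      "gateway_acl_maintained": True, "db_admin_default_pwd_changed": True,
      "os_security_patches_current": False}   # ABAP scan not delivered: missing

if __name__ == "__main__":
    r1, r2 = evaluate(TARGET, Q1, "Q1"), evaluate(TARGET, Q2, "Q2")
    for r in (r1, r2):
        print(f"{r.cycle}: {r.compliance()}% compliant, findings by area: {r.by_area()}")
    print("trend Q1 -> Q2:", trend(r1, r2))
```

The "regressed" list is the part worth alerting on: a rising overall score can hide a check that passed last quarter and fails now.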
Visualization of Results in the Security Dashboard
Audit Results over Time
SAP real-time Monitoring
Avoid SAP as a "blind spot" of SIEM Systems
Baseline:
▪ Provision of support users for SAP simplified via FIORI app
▪ NO internal use of these users!
Challenge: User sovereignty is no longer in BASIS -> loss of control
Solution: A combination of efficient SAP log analysis and SIEM integration
▪ Efficient evaluation of logs related to these users and their usage
▪ Configuration of special events in SAST Suite
▪ Forwarding and enrichment of SAP data to SIEM
▪ Integration into the SOC dashboard
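The support-user log evaluation with enrichment for the SIEM, as an added Python example that is not code from the deck or from SAST Suite; the log line format, the support-user naming prefix, the internal hostname prefix and the provisioning records are all assumptions with constructed values:

```python
"""Detection logic for SAP support users, enriched for SIEM forwarding.

Added example, not code from the deck or from SAST Suite. Assumptions:
- an audit log export with one record per line "timestamp|client|user|event|terminal"
  (a constructed layout, not the native SAP Security Audit Log format);
- a provisioning list from the Fiori app with requester, partner and validity window;
- internal terminals are recognisable by a hostname prefix.
All users, hosts and timestamps are constructed sample data.
"""
from datetime import datetime
import json

# Constructed provisioning data as the Fiori app might hand it over.
PROVISIONED = {
    "SUPP_EXT01": {"requester": "basis.team", "partner": "Vendor A",
                   "valid_from": "2022-05-02T08:00", "valid_to": "2022-05-04T18:00"},
    "SUPP_EXT02": {"requester": "app.owner", "partner": "Vendor B",
                   "valid_from": "2022-05-01T00:00", "valid_to": "2022-05-31T23:59"},
}
SUPPORT_PREFIX = "SUPP_"          # assumed naming convention for support users
INTERNAL_HOST_PREFIX = "DURR-"    # assumption: internal clients carry this prefix

# Constructed audit log lines: timestamp|client|user|event|terminal
LOG = """\
2022-05-02T09:15|100|SUPP_EXT01|LOGON_OK|VENDORA-LT07
2022-05-03T22:40|100|SUPP_EXT01|LOGON_OK|DURR-WS1234
2022-05-05T10:02|100|SUPP_EXT01|LOGON_OK|VENDORA-LT07
2022-05-02T11:30|100|SUPP_EXT03|LOGON_OK|DURR-WS0815
2022-05-02T11:31|100|JDOE|LOGON_OK|DURR-WS0815
"""

def parse_log(text: str) -> list:
    records = []
    for line in text.splitlines():
        ts, client, user, event, terminal = line.split("|")
        records.append({"ts": ts, "client": client, "user": user,
                        "event": event, "terminal": terminal})
    return records

def to_siem_event(rec: dict, prov, reasons: list) -> dict:
    """Enrich the raw record with provisioning context so the SOC sees who owns the user."""
    return {
        "source": "sap_audit_log",
        "rule": "support_user_misuse",
        "severity": "high" if len(reasons) > 1 else "medium",
        "timestamp": rec["ts"], "client": rec["client"],
        "user": rec["user"], "terminal": rec["terminal"],
        "requester": prov["requester"] if prov else None,
        "partner": prov["partner"] if prov else None,
        "reasons": reasons,
    }

def analyze(records: list, provisioned: dict) -> list:
    """Return one enriched SIEM event per support-user logon that breaks the baseline."""
    events = []
    for rec in records:
        if not rec["user"].startswith(SUPPORT_PREFIX) or rec["event"] != "LOGON_OK":
            continue
        reasons = []
        prov = provisioned.get(rec["user"])
        if prov is None:
            reasons.append("support user not provisioned via Fiori app")
        else:
            ts = datetime.fromisoformat(rec["ts"])
            if not (datetime.fromisoformat(prov["valid_from"]) <= ts
                    <= datetime.fromisoformat(prov["valid_to"])):
                reasons.append("logon outside approved validity window")
        if rec["terminal"].startswith(INTERNAL_HOST_PREFIX):
            reasons.append("support user used from internal terminal")
        if reasons:
            events.append(to_siem_event(rec, prov, reasons))
    return events

if __name__ == "__main__":
    for ev in analyze(parse_log(LOG), PROVISIONED):
        print(json.dumps(ev))   # one JSON line per event, ready for a SIEM collector
```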
"Thanks to the integration of SAST SUITE analyses, the conscientious work of our SOC team is now much more transparent in the security dashboards. This is a real benefit, because changes in our security status can now be identified immediately and processed in a very timely manner. But the best tool only helps if it is also used. It offers additional advantages: The administrative effort is reduced and our SAP experts can concentrate on solving the problem."
Alexander Wirth, Dürr IT Service GmbH
Take Home Messages
▪ The SAP standard offers many options for security configuration but reaches its limits when it comes to complex issues.
▪ Non-obvious vulnerabilities (cleaning up subtleties) tie up resources; this is where tools offer great benefits.
▪ Recommendation: create a dedicated (SAP) Security Team that is not integrated into the day-to-day business.
▪ Understand SAP Security as the interplay of static analysis and real-time monitoring.
▪ Dashboards help to visualize the results of security teams in a comprehensible way.
▪ Dashboards allow timely identification of and response to changes in security status.
▪ An absolute fallacy: one tool solves all problems. This is only true if the tool is actually used and the capacities gained are used specifically to solve the problem.
DO YOU HAVE ANY QUESTIONS?
WE ANSWER. WITH CERTAINTY.
Ralf Kempf
CTO
SAST SOLUTIONS – Part of Pathlock
Tel: +49 40 88137-109
E-mail: mail@sast-solutions.de
Web: sast-solutions.com
© Copyright SAST SOLUTIONS. All rights reserved. This publication is protected by copyright. All rights, in particular the right of reproduction and distribution as well as translation, are reserved. No part of this documentation may be reproduced in any form (by photocopy, microfilm or any other process) or processed, duplicated or distributed using electronic systems without our prior written consent. Some of the designations mentioned in this publication are also registered trademarks of the respective providers and as such are subject to the statutory provisions. The information in this publication has been compiled with the greatest care. However, no guarantee can be given for its usability, correctness and completeness. SAST SOLUTIONS accepts no liability for damages that may arise from the use of the information.

How a SAP security dashboard revolutionized risk analysis at Dürr IT Service GmbH [Webinar]
