Detecting the Hand Still in the Cookie Jar
- LANGUAGE: English DATE: Tuesday, April 05, 2016 TIME: 4:00pm CEST, 10:00am EDT, 7:00am PDT
SAP systems contain the most precious assets of an enterprise. They can however get lost, manipulated or destroyed in less than a minute. Examples are a) theft of sensitive customer data on a large scale by simple download, b) illegitimately elevated access rights: A user creates fictive other users, carries out illegal activities and deletes these users afterwards again, c) system take over by manipulating files on the level of the operating system which gives full access to all data on the SAP system.
Those typical security breaches in SAP systems can be detected in real-time by targeted log analysis in combination with SIEM. This allows to respond adequately to such events as well as to gather information on them for further data and system security measures.
Topics of this KuppingerCole Webinar:
- Prevent – Detect – Respond: The new paradigm
- Real Time Security (RTSI) and SIEM
- Identity as the new security perimeter
- Extending traditional SAP security with real time breach detection.
- Identifying anomalous/suspicious network activities
- Detecting strong indications of a security incident in progress
In the first part of the webinar Matthias Reinwarth, Senior Analyst at KuppingerCole, will compare traditional IT security approaches focused on prevention and protection to new ones like Real Time Security Intelligence (RTSI) in general as well as Breach/Incident Response mechanisms. This shows why the classic approach needs to be extended quickly and targeted. Identity is the new perimeter.
In the second part Ralf Kempf, Managing Director at akquinet enterprise solutions will, based on real-life examples, provide a deeper insight into methodologies and technologies to implement real time breach detection in existing SAP environments. Additionally, he will explain how to adequately respond to such events as well as how to gather information on them using SIEM systems.
Paul-Stritter-Weg 5 • 22297 Hamburg • Germany
Phone: +49 40 88 1730
Fax: +49 40 88 173199
The akquinet specialists for SAP® compliance, IT security, and risk management deliver security for SAP® systems. With our SAST GRC Suite, which is certified by SAP®, you will receive the best imaginable protection for your SAP® infrastructures, which are critical to your business.
SAST offers a unique variety of solutions for all essential requirements of system protection and SAP authorizations:
- It has a diversified and most nuanced offering of modules.
- It provides a framework, whose scope is unparalleled.
- It can be integrated into all SIEM tools in real time.
- It is supported by one of the most experienced consulting teams.
For these reasons, SAST is the best 360-degree solution for protecting your SAP® systems.
This has also been proven by the study of Kuppinger Cole on the topic “Access Control/Access Governance for SAP® environments”. In the overall evaluation, the akquinet SAST GRC Suite attained second place and is the only provider besides SAP® to achieve the rank of “leading provider”.
More than 150 customers worldwide trust in the expertise of akquinet and use already successful our SAP® Compliance Tool for SAP® systems to protect their crucial SAP® corporate data.
akquinet AG is an international, steadily growing IT consulting company, whose headquarter is located in Hamburg, Germany. The company specialized in implementation of ERP systems and development of custom software for Java, SAP®, Microsoft and as well as their security. More than 650 specialists work at the headquarter and in other branches in Germany, Poland, and Austria. akquinet drives the TÜV-IT-certified data processing service center in Hamburg, Itzehoe, and Norderstedt. akquinet is committed to active inclusion and integration. Above all, akquinet is an SAP®-certified provider of hosting services and SAP® HANA operation services, and runs as a SAP® services partner.
Access Governance-Tools sind in der heutigen Business-IT ein unverzichtbares Element. Sie dienen dem Management von Benutzer- und Berechtigungsworkflows, der Vergabe von Zugangsrechten, der Durchführung von Kampagnen zur Zugriffszertifizierung und der Implementierung und Prüfung von Controls für die Funktionstrennung (SOD). Mit einer wachsenden Zahl von Business-Applikationen, gerade auch aus der Cloud, und ihrer Vernetzung wächst die Herausforderung, Access Governance übergreifend und automatisiert umzusetzen.