All Research
Executive View
This KuppingerCole Executive View report looks at Pathlock Cybersecurity Application Controls (CAC), a solution for managing cybersecurity for SAP. A technical review of the solution is included.

1 Introduction

SAP is the leading vendor of Line of Business (LoB) applications. Their applications covering Enterprise Resource Planning (ERP) and many other use cases form the backbone of business operations in many organizations, ranging from medium-sized business to the world’s largest organizations. Aside from SAP, there are many other vendors. In addition, the SAP portfolio is becoming more diverse regarding architectures, implementation, and deployment models.

Taking such a central role in organizations, SAP systems of different types and other LoB systems operated in different deployment models, need special care from security teams that understand the specifics of these environments, and are equipped with specialized tools. SAP/LoB Security Solutions are essential for improving the security posture in the business application environments and mitigating risks to these core LoB applications.

There are various challenges organizations are facing for improving the security posture of their SAP and LoB application environments:

  • System hardening: System hardening in SAP/LoB landscapes requires specialized solutions covering all elements of complex environments, from operating systems and databases to the business applications.
  • Patch deployment: Deliver patches and hotfixes in a controlled, efficient manner without disrupting operations.
  • Code vulnerability analysis: The specific programming languages used such as ABAP (Advanced Business Application Programming) require specialized tools for enforcing code security.
  • Log analysis & threat detection: Complex, large-volume log information needs to be understood for extracting information about concrete threats.
  • Heterogeneous environment support: The LoB landscape is becoming increasingly diverse, requiring solutions that support a range of different types of applications and deployment models.
  • Siloed organizations: Many of these applications are still managed by dedicated teams residing in a distinct organizational unit. Integration with the broader cybersecurity and system administration teams is essential.
  • Data Security: Dynamically masking and restricting access to sensitive production data based on user attributes and other customizable policies. Additionally, scrambling data to ensure security of replicated test data in non-production environments, when data is in transit, or when direct access to the database is possible. Dynamic data security controls are essential to ensure comprehensive protection of production and non-production data, as well as enforcing data loss prevention (DLP) mechanisms.
  • Dynamic Access Control: Expanding access controls beyond a traditional, inflexible role-based access control (RBAC) security model with dynamic policies and attribute-based access controls (ABAC). A policy-based approach is important for managing access securely and effectively across an infinitely growing number of users and applications as organizations scale and migrate to S/4HANA.

Holistic SAP/LoB Security solutions support customer organizations in mitigating cybersecurity risks to their business application environments, both with specialized capabilities and in integration to other security systems such as centrally deployed and managed SIEM solutions. Traditionally, such solutions only cover specific capabilities that help in better protecting one security aspect such as code security. Modern cybersecurity best practices require a holistic and integrated security platform approach to improve the overall security of these environments. The various solutions on the market differ in both breadth and depth of capabilities as well as in their ability for supporting the wide range of existing SAP and other LoB applications, services, and environments.

Risk Management and Security are still not handled consistently in organizations.

Figure 1: Risk Management and Security are still not handled consistently in organizations.

Pathlock is one of the vendors in this market, delivering a range of capabilities with their Cybersecurity Applications Controls offering.

Full article is available for registered users with free trial access or paid subscription.
Log in
Register and read on!
Create an account and buy Professional package, to access this and 600+ other in-depth and up-to-date insights
Register your account to start 30 days of free trial access
Get premium access
Choose a package

Stay up to date

Subscribe for a newsletter to receive updates on newest events, insights and research.
I have read and agree to the Privacy Policy
I have read and agree to the Terms of Use