With more than 20 years of SAP experience and more than 10 years of experience in international SAP security projects, we offer pen tests for SAP systems, but also for classic IT landscapes.
Cloud, SAP BTP, internal networks and SAP landscapes or SAP systems exposed to the Internet with FIORI – we are the leading contact in the SAP security world.
SAP Security within the enterprise used to be about securing GRC, roles and rights, passwords and some hardening of RFC connections. It was a manageable world of security themes and threats, and SAP Security has always had a tendency to be something isolated, detached.
The same discussion happened when SIEM solutions or Security Operation Centers were introduced,, The topic “SAP” was always traded as “Phase 2, earliest.”
SAP security audits, the ubiquitous “pen tests,” offer an excellent opportunity not only to analyze one’s SAP landscape for vulnerabilities, but also to perform a risk assessment. A central FI system has a high criticality for one customer, while for another customer this is the system with production control and bills of materials.
A KRITIS company will perceive a different risk situation than a tech company or a medium-sized company in a local context.
As part of our pen tests, whether on the SAP cloud, BTP or classic “on-premise” systems, we offer customized security audits that are performed according to the guidelines and specifications of the German Federal Office for Information Security (BSI), DSAG and other international organizations