Layer Seven Security

Layer Seven Security Named Top SAP Cybersecurity Protection Solution 2025

Layer Seven on August 26, 2025

We are pleased to announce the Cybersecurity Review has selected the Cybersecurity Extension for SAP from Layer Seven Security as the Top SAP Cybersecurity Solution 2025. The international publication with almost 300,000 subscribers worldwide performed a detailed review of several solutions that provide cybersecurity coverage for SAP applications and infrastructure. This included solutions offered by providers such as Onapsis, Security Bridge, and Pathlock, as well as SAP solutions such as Enterprise Threat Detection (ETD) and Code Vulnerability Analyzer (CVA). The criteria included coverage and capabilities for areas such as SAP vulnerability management, compliance reporting, patch management, custom code security, threat detection and response, and anomaly detection.  

Other criteria included certification, deployment complexity and effort, maintenance, customer support, customization, integration with SIEM and incident management solutions, support for SAP RISE customers, user experience, and product roadmap. Licensing costs were also an important criteria given the recent drive for greater efficiency and lower costs in organizations.

The Cybersecurity Extension for SAP emerged as the leading solution across most of the criteria, specifically in areas such as coverage, support and licensing costs.

Coverage – The Cybersecurity Extension for SAP is the only solution in the market that delivers coverage for SAP vulnerability management, compliance reporting, patch management, custom code security, threat detection and response, and anomaly detection through a single integrated solution with a unified license. Other solutions require separate solutions or licenses for modular products. Some vendors such as SAP do not offer solutions for areas such as compliance reporting, patch management and vulnerability management.  

The Cybersecurity Extension for SAP also provides deeper coverage across the domains with higher volumes of checks and patterns for vulnerability and threat detection than competitors.

The ability of the solution to support database and operating system security for SAP systems was also identified as a key differentiator. The Cybersecurity Extension supports full-stack monitoring for SAP systems, whereas most alternative solutions support only the application layer.  This provides Layer Seven Security with an advantage in areas such as ransomware protection.

Certification – Earlier versions of the Cybersecurity Extension for SAP were certified for integration with SAP NetWeaver platforms. However, since the certification was discontinued by SAP, the solution is now certified for SAP HANA. The certification is performed by the SAP Integration and Certification Center and includes code reviews and testing performed by SAP.

Deployment Complexity and Effort – The Cybersecurity Extension for SAP benefits from a simplified architecture that does not require additional infrastructure including servers. This supports rapid deployment. The solution can be deployed as an addon to existing SAP systems including SAP GRC, BW, ECC, and S/4HANA. It can also be deployed to standalone SAP NetWeaver AS ABAP installations. The required addons are installed and configured within a few hours directly by SAP Basis administrators. Alternative solutions required additional servers and complex, time-intensive installation steps.

Maintenance – Content updates are provided by Layer Seven Security every month for new patches, vulnerability checks, and threat detection patterns. The updates can be performed in under 5 minutes with a few simple steps. Addon updates are provided on a quarterly cycle and include functional enhancements. They are applied using standard SAP steps for addon updates.

Customer Support – According to the Cybersecurity Review, customers singled out customer support as one of the strengths of Layer Seven Security. Customers commended the responsiveness of Layer Seven and valued the ability to reach out directly to dedicated engineers and developers without the need to go through regular support channels.

Customization – Layer Seven Security was also acknowledged by customers for their responsiveness to enhancement requests and customizations.  Requests were handled promptly and implemented swiftly, often without any additional charges.

SIEM/ Incident Management Integration – The Cybersecurity Extension for SAP supports seamless integration with a wide variety of Security Information and Event Management (SIEM) solutions including Splunk, QRadar, Sentinel and LogRhythm. Integration is simple and straightforward and flexible to accommodate to multiple scenarios. Integration with service desk solutions such as ServiceNow and Remedy is also supported.

Support for RISE – The addon approach was found to be particularly suitable for SAP RISE scenarios. Customers can deploy and maintain the addon directly to SAP RISE systems without the support of SAP Enterprise Cloud Services (ECS). Furthermore, customers do not need to request the provisioning and maintenance of additional infrastructure from SAP ECS.

User Experience – The Cybersecurity Extension for SAP provides an integrated user interface using SAP Fiori. The Fiori-based applications provide a consistent and intuitive experience for SAP users since they follow the identical design principles of standard SAP applications. SAP users can navigate effortlessly through the solution and extend and personalize the user experience.

Product Roadmap – The three-year roadmap for the Cybersecurity Extension for SAP was found to be well aligned with the evolving needs of SAP customers, particularly in the area of support for SAP cloud services such as BTP, SuccessFactors, and Cloud ALM.

Licensing Costs – Despite the leading position commanded by Layer Seven Security in areas such as coverage, deployment, maintenance, support, and user experience, the Cybersecurity Solution for SAP was found to be one of the most competitively priced solutions in the market. Licensing costs were considerably lower than alternatives including Onapsis and Security Bridge. Licensing was also more transparent and did not include hidden fees and up-charges. Overall, the Cybersecurity Review determined that the Cybersecurity Extension for SAP offered the optimal cybersecurity protection for SAP solutions with the lowest total cost of ownership.

An official announcement by the Cybersecurity Review is expected in the coming weeks of the selection of the Cybersecurity Extension for SAP as the official Top SAP Cybersecurity Solution 2025. The management team at Layer Seven Security would like to recognize the dedication and efforts of all employees for the acknowledgment and the continued support of our customers and partners.

Cybersecurity Extension for SAP, NetWeaver Edition

Layer Seven on July 29, 2025

Layer Seven Security is pleased to announce the official release of the Cybersecurity Extension for SAP, NetWeaver Edition. The release enables organizations to secure and monitor business-critical SAP applications without the need for Application Lifecycle Management (ALM) platforms such as SAP Solution Manager, SAP Focused Run, and Cloud ALM. The NetWeaver Edition can be deployed directly to SAP NetWeaver AS ABAP systems including SAP GRC, SAP ERP, and SAP S/4HANA.

The Cybersecurity Extension for SAP was originally developed as an addon for SAP ALM platforms. This supported rapid deployment and ease of maintenance since the Extension leveraged existing components and connections in ALM solutions, especially SAP Solution Manager (SolMan). However, SolMan is nearing the end of mainstream maintenance, scheduled for December 31 2027. Based on this, Layer Seven Security decided to redesign the Cybersecurity Extension for SAP starting in 2024 to operate independently of SolMan components such as the Extractor Framework, Configuration and Change Database (CCDB), System Recommendations, and the Monitoring and Alerting Infrastructure (MAI) including System Monitoring, as well as SolMan agents such as the Diagnostics Agent (DA). Similar components and agents are used in SAP Focused Run (FRUN). This initiative was completed successfully in July 2025. As a result, the Cybersecurity Extension for SAP can now be deployed to any NetWeaver AS ABAP system, version 7.40 or higher. The solution no longer requires ALM platforms such as SolMan and FRUN.

The NetWeaver Edition is available for all new customers of the Cybersecirty Extension for SAP. Existing customers can migrate to the NetWeaver Edition immediately or at any time before the end of mainstream maintenance for SolMan. The NetWeaver Edition also supports customers in SAP RISE and does not require external connections or integration with SAP Cloud ALM.

The first release of the NetWeaver Edition includes the full suite of core applications for SAP vulnerability management, patch management, custom code security, compliance reporting, and threat detection including security alerting and forensics. It supports all SAP ABAP and HANA solutions and SAP ASE databases. This includes SAP ECC and S/4HANA.

The second release scheduled for September 2025 will extend the coverage to include SAP AS Java, SAP Cloud Connector, SAProuter, SAP Web Dispatcher, and SAP Cloud Services including SAP BTP. It will also include applications such as Anomaly Detection and Trend Analysis.

Full parity between the NetWeaver and SolMan editions of the Cybersecurity Extension for SAP is targeted for December 2025. This includes support for operating system and database security for cross-stack monitoring of SAP systems.  

What’s New in the Cybersecurity Extension for SAP, Version 5.3

Layer Seven on June 25, 2025

The new release of the Cybersecurity Extension for SAP (CES) is in general availability and includes several important enhancements for SAP vulnerability management and threat detection.

Version 5.3 includes patterns for detecting indicators of compromise in the SAP Cloud Connector. The Connector is an agent that links SAP BTP applications with on-premise SAP systems. As a reverse proxy, it enables internal systems to connect securely with BTP services without exposing the systems to direct external access. The new release of CES includes alerts for security-related events in the Cloud Connector including configuration changes, changes to the Administrator account including passwords, changes to connected BTP subaccounts and backend systems, the activation of traces, settings for logging and auditing, role changes, certificates, LDAP, SNC, and other areas. application changes, remote logins, role changes, role grants to users, and cloud transports. The alerts can be integrated with SIEM solutions for centralized monitoring.

The new release also supports concurrent compliance analysis for multiple systems and includes updates for the SAP RISE, SAP Security Baseline and HIPAA frameworks. Mandatory security parameters and hardening requirements for SAP RISE customers were updated by SAP Enterprise Cloud Services (ECS) in June.

Version 5.3 includes the emergency updates that were released earlier for CVE-2025-31324. This includes patterns for the detection of attempted and successful exploitation of the zero-day vulnerability in SAP AS Java.

Extended checks have been introduced for the execution and logging of OS commands performed using the sapxpg program. sapxpg is a program controller that executes external programs and commands from SAP at the OS level.  

Finally, version 5.3 includes checks for the discovery of out-of-maintenance software components in SAP solutions. In accordance with the general SAP maintenance strategy, SAP only delivers support package notes for support packages shipped within the last 24 months. This is referred to as the 24-month rule. The rule took effect on June 11 2019 and extended the previous coverage period for support packages from 18 months. There are some exceptions to the rule, including SAP HANA, BW/4HANA, and SAP Kernel. The impact of the rule is that software components patched up to SP levels where the support packages were released more than 24 months ago are not provided with SP fixes to remove low, medium and high severity vulnerabilities discovered internally by SAP. The vulnerabilities can only be addressed by performing an SP upgrade to a support package that is within the 24-month rule.

Buyers Guide to SAP Enterprise Threat Detection

Layer Seven on November 27, 2024

SAP Enterprise Threat Detection (ETD) is the premier solution from SAP for identifying and responding to cyber attacks in SAP applications. ETD collects and analyzes log data from SAP systems and uses predefined patterns to detect Indicators of Compromise (IOCs) and trigger alerts for suspected security incidents. ETD includes graphical tools to support log analysis and detailed forensic investigation. Users can also create and publish custom patterns and alerts.

In addition to identifying potential threats, SAP ETD monitors the implementation status of required security notes in SAP solutions. Users can review the details of relevant notes including CVSS information and maintain the processing status of each note.

Anomaly detection is also supported by SAP ETD. The solution includes several patterns for anomalies, defined as events that deviate from normal or usual behavior in system landscapes.

ETD is a powerful solution capable of detecting and responding to cyber threats against SAP solutions in real time. It is available as an on-premise or cloud deployment, and can even be licensed as a managed service.

However, there are several drawbacks with SAP ETD, especially in comparison to alternative solutions available from SAP partners.

Unlike solutions such as the Cybersecurity Extension for SAP that use an addon approach to implementing advanced threat and response for SAP applications, ETD requires additional servers and infrastructure to host required components including SAP HANA, Kafka, Zookeeper, and streaming tools. This leads to more complex installation and maintenance procedures compared to software addons that can be installed and maintained in existing systems within SAP landscapes with comparatively low effort.

ETD is also bundled with relatively few attack detection patterns. The most current version and support package level of the on-premise edition of ETD includes approximately 175 patterns. The cloud edition of ETD provides fewer than 50 patterns. The recent release of the Cybersecurity Extension for SAP delivers far more coverage with over 1000 built-in patterns.

Furthermore, although ETD is capable of monitoring SAP infrastructure including third party databases and operating systems, standard patterns in ETD include very few patterns for the database and OS layer. In contrast, the Cybersecurity Extension for SAP includes hundreds of patterns not only for SAP databases such as HANA and ASE but operating systems including SUSE Enterprise Linux, Red Hat Enterprise Linux, and Windows Server.

However, the most important drawback of SAP ETD is that it does not support the full suite of cybersecurity capabilities to address cyber risks in SAP solutions.  ETD provides coverage for treat detection and patch management. However, it does not provide any support for other important areas such as access control, vulnerability management, custom code security, and compliance monitoring. Coverage for such areas would require the licensing of additional solutions from SAP or integrating capabilities from other platforms such as SAP Solution Manager. Full-suite solutions such as the Cybersecurity Extension for SAP provide integrated capabilities across all cybersecurity scenarios through a single, unified product and license. In addition to comprehensive threat detection and response with anomaly detection, the Cybersecurity Extension for SAP monitors critical access and segregation of duties risks for SAP solutions such as ECC and S/4HANA. It also performs automated vulnerability scans to detect more than 5000 vulnerabilities in SAP applications and infrastructure. Finally, it performs automated audits to detect compliance gaps with more than 15 regulatory and security frameworks and standards, including GDPR, NIST, PCI-DSS and the SAP Security Baseline.

Cybersecurity Extension for SAP, Version 5.2: Support for SAP BTP, Critical Access and SOD for SAP ECC, and More

Layer Seven on October 22, 2024

The new release of the Cybersecurity Extension for SAP is scheduled for general availability in October and includes several important enhancements.

Version 5.2 includes 40+ alerts for security related incidents in SAP BTP. This includes application changes, remote logins, role changes, role grants to users, and cloud transports. The alerts monitor events logged in the BTP central audit log. Events in the log are replicated to the Cybersecurity Extension for SAP to support forensic analysis. Log records include details such as the log event ID, description, timestamp, terminal ID, and application details for each event. Similar to existing alerts for ABAP, HANA, and Java system types, as well as databases, operating systems, and SAProuter and Web Dispatcher installations, BTP alerts can be integrated with SIEM solutions for centralized monitoring.

Earlier releases provided coverage for business-level critical access and segregation of duties in SAP S/4HANA. The new release extends the coverage to SAP ECC. Despite the scheduled end of mainstream maintenance for SAP ECC in 2027, many SAP customers have yet to migrate to S/4HANA and therefore ECC will be a mainstay within SAP landscapes of many organizations for several more years. Version 5.2 of the Cybersecurity Extension for SAP includes 350+ functional checks for access to sensitive ECC transactions and conflicting combinations of transactions. The checks cover processes such as Finance, HR and Payroll, Materials Management, Order to Cash, and Procure to Pay in ECC. Users can add custom checks for transactions and combinations not included in the standard ruleset. This includes custom transactions. The coverage includes all of the relevant access risk IDs monitored by SAP GRC for ECC. Users and user groups can be excluded for specific checks to tune the coverage and prevent false positives. Usage rights are included in the standard license for the Cybersecurity Extension for SAP.

The new release also includes checks and alerts for the deactivation of SAP UI Masking & UI Data Protection Masking solutions. The solutions protect access to sensitive data in SAP user interfaces by masking or clearing fields. The contents of the fields containing sensitive data are only revealed to users with the required roles or attributes.

Finally, version 5.2 includes alerts for the execution of new ICF services with known security vulnerabilities. The services are not yet widely known or included in the scope of vulnerable ICF services that should be deactivated based on SAP recommendations in frameworks such as the SAP Security Baseline. There are also additional checks for the Secure Storage in the File System (SSFS), new sensitive transaction codes, dangerous function modules and external programs, and dynamic changes for specific security-related profile parameters.

Cybersecurity Extension for SAP with SAP Focused Run

Layer Seven on June 19, 2024

SAP Focused Run (FRUN) is a Application Lifecycle Management (ALM) solution designed for real-time and high-volume system monitoring. It benefits from a more simplified and scalable architecture than other ALM platforms such as SAP Solution Manager (SolMan). Also, unlike SolMan, it runs exclusively with SAP HANA.

System monitoring using FRUN is supported through the deployment of the Simple Diagnostics Agent (SDA) to target systems. The SDA is integrated with the SAP Host Agent in SAP solutions. It collects and forwards metrics from systems to FRUN using HTTPS. System connections are routed through reverse proxies such as the Web Dispatcher. The SAP Host Agent, SDA and Web Dispatcher are included in RISE system builds and landscapes. Therefore, RISE systems can be monitored by both customers and service providers using SAP Focused Run.

FRUN supports monitoring for all SAP solutions and cloud services. This includes the public and private editions of SAP S/4HANA, SAP Business Suite, ECC, HANA platform, SAP Cloud, SuccessFactors/ HXM, Ariba, Concur, AS ABAP/ Java, Cloud Connector, Business Objects, Enterprise Portal, Mobile Platform, CRM, Business Warehouse, PI/PO, MII and Web Dispatcher. It also supports monitoring for OS and database platforms, and SAP BTP. Steps for monitoring the ABAP, Cloud Foundry, and Neo environments of BTP are detailed in the FRUN Expert Portal.

SAP Focused Run supports advanced monitoring capabilities such as Real User Monitoring. This can be used to monitor user actions for detailed forensics. It also supports System Anomaly Prediction for detecting and investigating anomalies based on predefined models and risks, and advanced Integration and Exception Monitoring for analyzing the usage of system interfaces.

The Cybersecurity Extension for SAP integrates with FRUN to perform advanced security monitoring for SAP solutions, including vulnerability and compliance management, patch management, custom code scanning, and threat detection and response. The SAP-certified solution leverages FRUN applications and components to discover system, code and user-related vulnerabilities, calculate required security notes, and detect security incidents and anomalies.

The Cybersecurity Extension for SAP is accessed from the Fiori launchpad for SAP Focused Run. FRUN users with the required roles can access the solution using the workgroup below. Systems are automatically mapped from the Landscape and Management Database (LMDB). Also, multi-tenancy for customer separation is automatically enforced through network and customer IDs configured by service providers in FRUN.

Deploying the Cybersecurity Extension for SAP to FRUN provides a more reliable and scalable option than deploying to Solution Manager.  It also delivers improved performance with lower maintenance in comparison to SolMan.  SAP Focused Run and SAP Solution Manager are the current deployment options supported for the standard edition of the Cybersecurity Extension for SAP. A third option is planned for early 2025 that would enable SAP customers to deploy the solution to NetWeaver AS ABAP systems such as SAP GRC. For SAP RISE customers, the cloud edition of the Cybersecurity Extension for SAP provides a SaaS option that does not require deployment to an SAP system.

Cybersecurity Extension for SAP version 5.1

Layer Seven on May 16, 2024

S/4HANA Access Risk Analysis, SAP RISE Compliance, SAP ETD Benchmarking and More

The new release of the Cybersecurity Extension for SAP is scheduled for general availability in May and includes several important enhancements.

Version 5.1 includes coverage for critical access and segregation of duties in SAP S/4HANA. It performs more than 700 checks for access to sensitive transactions and conflicting combinations of transactions for business processes such as Finance, HR and Payroll, Materials Management, Order to Cash, and Procure to Pay in S/4HANA. Exclusions can be maintained for users and groups to tune checks and exclude permitted users. Users can add custom checks for transactions and combinations not included in the standard ruleset. This includes custom transactions. The coverage includes all of the relevant access risk IDs monitored by SAP GRC for S/4HANA. The checks are included in the new areas S/4HANA Critical Access and S/4HANA Segregation of Duties. Usage rights are included in the standard license for the Cybersecurity Extension for SAP.

The new release also includes support for monitoring the compliance of SAP RISE systems with information security standards defined by SAP Enterprise Cloud Services (ECS) in note 3250501. The standards include required settings for security-relevant profile parameters, deleting unused clients, securing standard users, restricting access to password hashes, RFC gateway and message server hardening, deactivating critical ICF services, managing system and client change options, and applying transport layer security. There are over 120 specific requirements across 12 areas that customers must comply with for RISE solutions managed by ECS.

Version 5.1 includes several new threat detection patterns to bridge the gap with SAP Enterprise Threat Detection Cloud Edition (ETD CE). As a result, the Cybersecurity Extension for SAP now provides coverage for the same patterns as ETD CE. It also includes more than 750 patterns that are not included in ETD CE. Similar to ETD CE, the Cybersecurity Extension for SAP is available as Software-as-a-Service (SaaS) for RISE customers.

Finally, the new release includes new tiles for Actively Exploited Vulnerabilities and Known Exploited Vulnerabilities. The former can be used to display open vulnerabilities that have associated alerts. The latter can display calculated security notes for systems that are required to address Known Exploited Vulnerabilities (KEV) for SAP solutions in the CISA KEV catalog.

Security Compliance for SAP RISE Solutions

Layer Seven on February 19, 2024

S/4HANA and other ABAP systems provisioned by SAP for RISE customers are based on standard system builds. The builds include default settings to apply security by default based on hardening requirements and best practices. The settings are outlined in SAP Note 3250501 – Information on Mandatory Security Parameters & Hardening Requirements for ABAP systems in SAP Enterprise Cloud Services (ECS).

The requirements include recommended settings for security-relevant profile parameters, deleting unused clients, securing standard users, restricting access to password hashes, RFC gateway and message server hardening, deactivating critical ICF services, managing system and client change options, and applying transport layer security. There are over 120 specific requirements across 12 areas that customers must abide by to comply with SAP security standards for RISE solutions.

The Cybersecurity Extension for SAP (CES) performs automated gap assessments to ensure RISE solutions comply with SAP security requirements. The assessments are performed using Compliance Reporting accessed from the CES launchpad.

SAP RISE should be selected from the framework selection screen.

Once the framework is selected, you can select a target system from the available systems in your SAP RISE landscape and click on Execute.

The results are summarized for each requirement and an overall compliance score is calculated for the system.

You can drilldown into each requirement to navigate the detailed findings.

You can click on the > icon for each finding to view further information and create an action plan to manage the remediation of compliance issues.

The report filters can be used to focus on specific requirements or results. For example, you can suppress compliant areas to isolate compliance failures.

Shortcuts can be created and published to the Fiori launchpad for fast access to compliance results.

The shortcuts can be published as custom tiles to existing or new work groups.

Compliance reports can also be scheduled to run on regular intervals. The reports are automatically distributed in PDF or CSV to recipients by email during each run.

The Cybersecurity Extension for SAP is an SAP-certified addon for SAP Solution Manager and SAP Focused Run. An addon version for other SAP NetWeaver AS ABAP systems such as SAP GRC is expected in Q4 this year.

SAP Cybersecurity Buyers Guide from SAPinsider

Layer Seven on January 24, 2024

The SAP Cybersecurity Buyers Guide from SAPinsider provides a valuable, independent assessment of the capabilities of technology vendors and consultants for SAP security solutions and services. The guide reviews key solution providers and consultants in the cybersecurity domain for SAP. It performs a Vendor Capability Assessment across the following areas:

Threat Intelligence and Detection
Access and Identity Management
Data Protection and Encryption
Vulnerability Management
Incident Response and Forensics
Cloud Security and Compliance
Secure Code and Application Review

The Cybersecurity Extension for SAP is a featured vendor in the Buyers Guide and acknowledged in the review for its strong coverage in all areas. The solution is also cited for its support for S/4HANA and cross-stack security in SAP systems including application, database and host layers, rapid deployment, and lower costs and maintenance compared to alternatives.

DOWNLOAD

SAP Solution Manager, Private Cloud Edition, for SAP RISE Customers

Layer Seven on December 19, 2023

Usage rights for SAP Solution Manager are included in SAP support and maintenance agreements for on-premise SAP solutions. The rights include database licenses for SAP HANA and ASE. Customers with Enterprise Support agreements have usage rights for all functional areas of Solution Manager, whereas customers with Standard Support agreements have restricted rights that include commonly used areas such as Change and Release Management (ChaRM), System Recommendations, and System Monitoring, but excludes areas such as Custom Code Management and Business Process Analytics.

SAP Cloud ALM is an alternative Application Lifecycle Management (ALM) solution that is provided to SAP customers with active cloud services. It can be used for both cloud and on-premise SAP solutions. Enterprise Support customers have usage rights for Cloud ALM but customers with cloud services and no on-premise solution supported by SAP do not have usage rights for Solution Manager.

There is currently no feature parity between Cloud ALM and Solution Manager. In other words, Cloud ALM does not support the same scenarios as Solution Manager. Since many customers require ALM functions that are not provided by Cloud ALM, SAP provides cloud-only customers with the option to subscribe to SAP Solution Manager, Private Cloud Edition (PCE).

Solution Manager PCE is the successor to SAP Solution Manager for SAP S/4HANA Cloud and like its predecessor, it is available in two versions: Project Documentation and Full. The main difference between the two versions is that the project documentation version is deployed as a single-system landscape, whereas the full version is deployed as a dual-system landscape, similar to on-premise installations. The full version is required to support the deployment of agents to managed systems.

Cloud-only customers can order the full version of SolMan PCE from SAP Enterprise Cloud Services (ECS) using SKU 8014172 providing they are using SAP S/4HANA or ERP on RISE. It is provisioned by SAP ECS within 30-40 days and includes SAP HANA.

The Cybersecurity Extension for SAP can be deployed to both on-premise and cloud installations of SAP Solution Manager. This includes SolMan PCE for RISE customers. Layer Seven Security provides a fully managed service for RISE customers that includes setup and maintenance of SolMan PCE.