Cybersecurity Extension for SAP

SAP-Certified Cybersecurity Protection for SAP Solutions

Support for SAP S/4HANA, SAP RISE, & SAP BTP

Secure your SAP solutions from cyber attack with the Cybersecurity Extension for SAP

The Cybersecurity Extension for SAP automates vulnerability management, custom code analysis, and threat detection to safeguard SAP solutions against advanced persistent threats.

Designed for on-premise, cloud, and hybrid SAP landscapes, the solution delivers real-time security intelligence to identify vulnerabilities and indicators of compromise in SAP applications and infrastructure.

It is offered as a subscription-based service for flexible and scalable deployment.

Certified by SAP for integration with SAP S/4HANA, the Cybersecurity Extension also supports SAP ABAP, HANA, and J2EE systems, as well as cloud platforms such as SAP Business Technology Platform (BTP).

The solution can be seamlessly deployed with SAP S/4HANA, SAP ECC, SAP GRC, and other SAP NetWeaver AS ABAP platforms.

It provides cross-stack protection across the application, database, and host layers in SAP systems, delivering comprehensive defense against ransomware and other multi-vector attacks.

The platform is fully optimized for SAP RISE and SAP Cloud ERP environments managed by SAP Enterprise Cloud Services (ECS), enabling secure and efficient operation in modern cloud-based SAP architectures.

Secure Your Transition to SAP S/4HANA

Manage User Risks, Secure Custom Code and Protect Cloud Systems

Are you an SAP RISE customer?

Layer Seven Security delivers more coverage at lower cost than SAP RISE services

Key Features

Remove blind spots in your security coverage without requiring additional hardware or installing agents in SAP systems.

Perform scheduled scans for thousands of vulnerabilities in SAP platforms including misconfigurations, missing patches and users with administrative privileges. Security checks are benchmarked against industry standards and SAP recommendations. Policies are regularly updated for emerging threats and vulnerabilities. Automatic detection of actively exploited vulnerabilities.

Prioritize threats to SAP systems based on risk and business impact. Filter, rank and sort the results of automated scans. Comment on findings for collaboration and remediation tracking. Export and share reports across your organization.

Monitor security KPIs using interactive dashboards. Dynamic visualizations provide real-time threat data for SAP vulnerabilities, security notes and open alerts. Drilldown from summarized results to detailed values. Filter and export results.

Detect missing security patches. Download and apply corrections. Review and apply workarounds to address SAP vulnerabilities.

Detect vulnerable cross-system connections that could be exploited to hop from breached systems to connected systems and compromise entire SAP landscapes. Analyze internal and external SAP traffic including Cloud connections. Automatically detect remote calls for vulnerable RFC-enabled function modules, URLs, and Web Services.

Continuously monitor event data in SAP logs for indicators of compromise (IOC). Monitor events in the security audit log, gateway server, message server, system log, read access log, STAD, change documents, SAProuter, HANA, BTP Audit Log, Web Dispatcher and Java security log. Trigger alerts and email/ SMS messages for security incidents. Detect breaches of sensitive data including personal data for GDPR compliance.

Investigate security incidents using guided procedures for rapid response. Apply best practices and standard operating procedures for forensic investigations. Document findings, track investigations and archive results for auditing.

Automate gaps assessments for GDPR, PCI-DSS, SOX, NIST and other compliance frameworks, including security requirements for SAP RISE/ Cloud ERP, SAP Security Baseline, and the security guide for SAP S/4HANA.

Detect anomalies in system and user events based on abnormal patterns in event logs that may indicate potential security threats.

Scan and secure custom SAP programs using test cases integrated with SAP Code Inspector (SCI) and ABAP Test Cockpit (ATC). Support for ABAP and SAPUI5 programs and applications.

Integrate security alerts with SIEM systems including Splunk, QRadar, ArcSight, LogRhythm and Sentinel.

Secure your SAP Migration to the Cloud
Learn how the global pharmaceutical company Indivior securely migrated SAP systems to the cloud with Layer Seven Security