Cybersecurity Extension for SAP

SAP-Certified Cybersecurity Protection for SAP Solutions

Support for SAP S/4HANA, SAP RISE, & SAP BTP

Active Exploitation of SAP Zero Day Vulnerability CVE-2025-31324

Secure your SAP solutions from cyber attack with the Cybersecurity Extension for SAP

The Cybersecurity Extension for SAP automates vulnerability management, custom code security, and threat detection to secure SAP solutions against advanced persistent threats.

The software protects on-premise, cloud and hybrid SAP systems. It delivers near real-time security intelligence to detect vulnerabilities and indicators of compromise in SAP applications. The solution is available as a subscription service.

The Cybersecurity Extension for SAP is certified by SAP for integration with SAP S/4HANA. It also supports SAP ABAP, HANA and J2EE solutions, and cloud services such as SAP BTP.

The Cybersecurity Extension for SAP can be installed in SAP GRC, SAP Focused Run, SAP Solution Manager and other SAP NetWeaver AS ABAP systems.

The solution supports cross-stack security for SAP systems including application, database and host layers for comprehensive ransomware protection.

The software is optimized for SAP RISE solutions managed by SAP Enterprise Cloud Services (ECS).

Secure Your Transition to SAP S/4HANA

Manage User Risks, Secure Custom Code and Protect Cloud Systems

Are you an SAP RISE customer?

Layer Seven Security delivers more coverage at lower cost than SAP RISE services

Key Features

Remove blind spots in your security coverage without requiring additional hardware or installing agents in SAP systems.

Perform scheduled scans for thousands of vulnerabilities in SAP platforms including misconfigurations, missing patches and users with administrative privileges. Security checks are benchmarked against industry standards and SAP recommendations. Policies are regularly updated for emerging threats and vulnerabilities. Automatic detection of actively exploited vulnerabilities.

Prioritize threats to SAP systems based on risk and business impact. Filter, rank and sort the results of automated scans. Comment on findings for collaboration and remediation tracking. Export and share reports across your organization.

Monitor security KPIs using interactive dashboards. Dynamic visualizations provide real-time threat data for SAP vulnerabilities, security notes and open alerts. Drilldown from summarized results to detailed values. Filter and export results.

Detect missing security patches in real-time using a direct connection to SAP Support. Download and apply corrections. Perform change impact analysis to discover the impact of security notes.

Detect vulnerable cross-system connections that could be exploited to hop from breached systems to connected systems and compromise entire SAP landscapes. Analyze internal and external SAP traffic including Cloud connections. Automatically detect remote calls for vulnerable RFC-enabled function modules, URLs, and Web Services.

Continuously monitor event data in SAP logs for indicators of compromise (IOC). Monitor events in the security audit log, gateway server, message server, system log, read access log, STAD, change documents, SAProuter, HANA, BTP Audit Log, Web Dispatcher and Java security log. Trigger alerts and email/ SMS messages for security incidents. Detect breaches of sensitive data including personal data for GDPR compliance.

Investigate security incidents using guided procedures for rapid response. Apply best practices and standard operating procedures for forensic investigations. Document findings, track investigations and archive results for auditing.

Automate gaps assessments for GDPR, PCI-DSS, SOX, NIST and other compliance frameworks.

Detect anomalies in system and user events using the Predictive Analysis Library (PAL) in SAP HANA.

Scan and secure custom SAP programs using test cases integrated with SAP Code Inspector (SCI) and ABAP Test Cockpit (ATC). Support for ABAP and SAPUI5 programs and applications.

Integrate security alerts with SIEM systems including Splunk, QRadar, ArcSight, LogRhythm and Sentinel.

Secure your SAP Migration to the Cloud
Learn how the global pharmaceutical company Indivior securely migrated SAP systems to the cloud with Layer Seven Security