Governance, Risk and Compliance - · PDF fileor AP® HANA SAST GRC Suite –...

Ready for SAP® HANA

SAST GRC Suite – Governance, Risk and Compliance

Security is simply A GOOD FEELING

The integrated solution for SAP® Security and Compliance Management:
- Identifies risks
- Eliminates security vulnerabilities
- Satisfies statutory requirements



[Figure: Security of SAP® Systems, 2010 to 2015. Labels: SAP® Technology complexity; Hacking skills and tools; SAP® Guideline Security Level; Security Gap.]

Existing vulnerabilities must be closed. All preventive security measures demand constant monitoring.

Increasing complexity amplifies your risk

The increasing complexity of SAP® system landscapes and faulty configurations can frequently lead to serious security vulnerabilities. Installing new software components also poses the risk of overlooking security vulnerabilities. With standard administrative features the risks for a company are barely manageable. However, not only your IT systems and your company’s economic existence are at risk: Managing directors, boards of management and executives can be held responsible for damage arising from inadequate security control.


[Diagram labels: SAP® ERP, SAP® BI, SAP® CRM, SAP® SCM ... Netweaver]

Five rules for security and compliance

1. Identify risks
2. Define validation rules
3. Conduct analyses
4. Eliminate weaknesses
5. Define additional audits

Comprehensive SAP® Compliance Management

Database (over 40 risks):
- Oracle
- MS SQL Server
- IBM DB2
- MaxDB
- SAPDB

Application (over 3.000 risks):
- Critical system settings
- System parameters
- Configurable controls
- Module specific controls
- ABAP workbench & TMS

Operating system (over 50 risks):
- Unix systems
- Windows systems

Users (over 450 risks):
- Critical authorizations
- Comprehensive SoD matrices
- Quality of the user master records
- Standard profiles (SAP_ALL)
- Inactive users

Aimed trouble shooting provides security

akquinet has specifically developed SAST (System Audit and Security Toolkit) GRC Suite for SAP® for you to counteract such risks.

- All critical system activities are monitored and assessed on a cross-client basis in real time.
- Checks are carried out across the whole system.
- SAP® authorizations and settings for the operating system, database and system parameters are checked and monitored.

[Diagram: SAST GRC Suite. Labels: akquinet threat intelligence; SoD Analyses; Vulnerability and compliance scan; System configuration; Real Time threat detection; SIEM Integration; User and role management; Emergency user logging; Reporting and analytics; SecurityRadar; SAST Management Cockpit; IBM QRadar; Extraction of all SAP® relevant log data.]


SAST GRC Suite

- SAST Audit AdminTrack: Super User Access Management
- SAST Audit SystemTrack: Baseline System Security Analyses
- SAST Audit UserTrack: Authorization and SoD Analyses
- SAST RiskTrack: Periodic Access Review and Risk Monitoring
- SAST Role Optimizer: SAP® Role Management
- SAST Download Observer: Data Leakage Prevention (DLP)
- SAST User Access Management: Compliant User Provisioning
- SAST AT HCM DisplayTrack
- Intranet Password Reset

Overview of the SAST modules

AdminTrack: Secure emergency user procedure

Monitor privileged users, such as emergency users, and their accesses in your SAP® system without gaps. All transactions, system changes and critical activities are recorded in a tamper-proof audit record.

SAST AT HCM DisplayTrack: The logging of read access to SAP® HCM data

With the SAST AdminTrack plus module, akquinet is the first SAP®-certified consulting partner to offer a reliable solution that logs read access by privileged users to SAP® HCM data and provides detailed information on this.

SystemTrack: Completely protected SAP® systems

Analyze and optimize the security of your SAP® system automatically and in real time. The module examines all levels of your SAP® system including operating system and database parameters as well as critical OSS Notes using more than 3,000 checks. This allows you to detect security vulnerabilities at an early stage. Even the code of self-developed ABAP programs is examined by the SAST SystemTrack to identify potential vulnerabilities in the source code.

UserTrack: Authorization analysis in real time

Check authorizations across clients and systems. Auditors will receive qualified assessments from ‘one’ workstation and can therefore monitor and evaluate critical SAP® authorizations, combinations, processes and SoD frameworks using pre-configured and freely configurable SoD matrices. SAST will detect critical authorizations in real time as soon as a role is defined.

[Diagram labels: Extraction of all SAP® relevant log data; SAST Interface Analyzer (Add on); SAST Management Cockpit; SecurityRadar]


RiskTrack: Monitoring of risks and mitigating controls

Manage identified risks centrally and assign them to the responsible user departments. With a simple mouse-click identified risks relating to authorization and SoD evaluation and technical system inspection can be transferred directly from the analyses to the risk memory for further processing.

Role Optimizer: Automatic generation of SAP® roles

Analyze and manage existing roles with regard to T-code use and perform mass role creation and change. As part of this module, we provide you with over 700 conflict-free sample roles for SAP® ERP.

Download Observer: Protection against theft of data from SAP® systems

All downloads from SAP® are monitored and logged transparently in a way that ensures that the information can be used as evidence. This provides you with an effective tool for protecting your company against industrial espionage and any violation of data protection regulations.

SAST Security Radar: 360° real-time monitoring of your SAP® systems (SIEM)

With this extensive Security Information and Event Management (SIEM) solution, you get an overview of the security status of all your SAP® systems at the touch of a button.

User Access Management: Audit-proof management of users, roles and rights

Map customized workflows for the requesting and approving of users and authorizations in your SAP® system. As an additional function, we offer coupling with an intranet password reset and you can integrate an IDM system.

Intranet Password Reset: Self-service for simple password resets

Simplify the implementation of strict password guidelines and eliminate the costs for help desk calls. The intranet-based self-service directly enables the user to reset personal passwords, eliminating long, time-intensive request processes involving the help desk.

Management Cockpit: The integrated solution for risk analysis and control

Display and analyze IT auditor results clearly and depict developments over time. You will be able to identify the risk situation in your SAP® system landscape at a glance.

SAST Interface Analyzer: Analysis and safeguarding of SAP® system interfaces

Check inbound and outbound connections and relationships and get a graphical, cross-system overview of interfaces.


Benefits of the SAST GRC Suite:

- SAST is fully integrated into SAP®:
- Speedy installation, you are operational within hours
- Intuitive operation thanks to the GUI customized for SAP®
- Protection of company data, these remain in your SAP® system
- 360° real-time monitoring of your SAP® systems
- SAST GRC Suite is SAP® certified
- SAST check functions and rules have been certified by an economy auditing association
- Checks of the technical system security of ABAP and JAVA environments
- SAP® download content is completely logged
- Available in 8 languages


What benefits does the SAST GRC Suite provide?

Due to the complete integration of SAST GRC Suite into SAP® you

- have an overview of the security status of your SAP® systems at the touch of a button.
- only require a few days for installing our software and training your staff.
- save yourself the costs of the additional installation of other systems and computers and their operation that other products require.
- can verifiably reduce your authorization management efforts by using our pre-configured validation rule sets and role templates.

[Diagram labels: Database; Operating system; Network; SAP® Basis system; SAP® Authorizations; SAP® Configurable controls; Management Reporting and Transactions; Database/Infrastructure layer; Application layer; Presentation layer; Business process controls; General IT controls]


akquinet AG

Paul-Stritter-Weg 5

22297 Hamburg

Tel: +49 (0)40 881 73-0

Fax: +49 (0)40 881 73-111

[email protected]

www.akquinet.de

For further information visit:

www.akquinet.de/sast


Let's take the next step together

SAST protects valuable SAP® corporate data in significantly more than 2,000 installations globally. Trust in the SAST security solutions and akquinet’s consulting expertise – ask for our references!