How to defend your SAP against vulnerabilities?
SAP applications are usually quite sensitive and vulnerable. While SAP continuously releases security patches – 30 per month on average – these tend not be applied systematically. Mostly because of their adverse effect on application functionality in custom environments. Indeed, administrators worry that applying patches may generate bugs and regressions. As a consequence, many companies decide not to apply them. Such organizations remain exposed to some old vulnerabilities being exploited by hackers. There is a way for companies to protect themselves however, even without modifying their environment.
Watch the webcast (about 40 minutes)
Presented by Stéphane de Saint Albin (CMO) and Vincent Maury (CTO), this webcast will answer to the following questions:
– How to prevent the exploitation of known SAP vulnerabilities by hiding internal URLs and routing traffic to internal services?
– How to adjust policy to infrastructure specificities by de-encoding base 64 parameters and avoiding false positives with pre-defined exceptions?
– How to enforce user access policy by adjusting authentication methods to user context and monitoring user behavior to prevent illegal actions?