• SAP is no longer an unknown black box for hackers

    SAP is one of the most widely used enterprise resource planning (ERP) solutions, optimizing critical business functions such as accounting and finance, logistics and supply management, and Human Resources, among many others.

    For many years, securing SAP systems focused on internal threats. User authorizations, Segregation of Duties (SoD), Governance, Risk management and Compliance (GRC), and role management are still necessary but no longer enough.

    The risks have changed and now come from the external environment. Since 2010, more than 3,400 vulnerabilities have been detected on SAP solutions (source: SAP.com). These new threats are often underestimated by stakeholders.

    The CIO, CISO and CFO all need to be aware that if they have a version of SAP more than 2 years old, they are potentially facing more than 500 security vulnerabilities.

  • How Devoteam SAP Security experts can help your organization

    We at Devoteam will help you answer the recurring question big companies have: "How and where do I begin to secure the hundreds of SAP Systems I have?"

  • ADVISE

    Devoteam SAP Security experts act as advisors by providing technical answers and recommendations to help your teams make decisions. Most of the time, a few corrections can quickly elevate your SAP overall security level.

  • FACILITATE

    Our team will be the interface between your security and SAP Administrator teams to strengthen their communication and align their goals.

  • ANALYSE

    We can deliver reports defining the overall security level, attack scenarios, identified risks and the detailed vulnerabilities discovered.  Devoteam helps companies mitigate risk by establishing clear priorities and action plans.  

  • Our expertise
    • SAP Security Assessment
      By performing a whitebox assessment check, we are able to evaluate your SAP Security level without risk.
       
    • SAP Penetration Testing
      Acting as a potential attacker would, our experts uncover breaches in the SAP system. This type of simulation demands specific knowledge of both security and SAP.
       
    • Remediation Process
      Devoteam has developed a process to manage SAP security correction globally, not only system by system. We adapt this process to each customer’s needs.
       
    • Sensitizing SAP Teams
      Our targeted training raises SAP Team awareness about new security threats and SAP security best practices to avoid the repetition of security mistakes.  
       
    • SAP Security monitoring check
      We help to enable and configure all logs related to security in SAP and adapt them to your current global monitoring management.
       
    • Custom ABAP code check
      Depending on the global SAP security level and exposure, by scanning custom ABAP code we are able to advise customers whether a deeper and expensive review is unnecessary.