We check all areas of operation of SAP solutions
Security for the SAP platform is a key factor that influences the proper functioning of the client's system.
SE16N recommends cyclical activities aimed at improving the functioning of the SAP infrastructure. We offer an audit of technical areas in the SAP environment.
To make sure that the system works stably and is correctly configured, SE16N specialists carry out a number of verification activities, which include the analysis of ABAP queries, audit of administrative procedures, audit of programming documentation and checking the level of users' rights and their licenses.
The audit by the SE16N crew makes the customer's technical environment ready for safe use by users in accordance with good SAP practices.
Our offer
Penetration tests
We perform environmental tests by conducting a controlled attack on the client's systems. The purpose of such tests is to identify vulnerabilities and gaps in the system that may contribute to unwanted access. Penetration tests should be carried out cyclically due to the constantly increasing "creativity" of cyber attacks. Penetration tests can be carried out under various scenarios, depending on the level of knowledge about the client's environment.
Scenario I (blackbox) -> the tester plays the role of a hacker who does not have information about the client's infrastructure and hacks based on information that he can obtain on the Internet.
Scenario II (whitebox) -> the tester has knowledge about IP addresses, device configuration or information about source codes. In such a scenario, the tester's extensive knowledge allows to check any errors in the design of the system architecture.
Scenario III (graybox) -> the tester has only some information about the system (e.g. user account names and their roles), but does not know as in the case of the whitebox approach.
Cybercriminals often focus on human errors that were committed when configuring the system architecture, so it is important that such work is verified. This will allow you to track potential vulnerabilities to attacks. Based on the system vulnerability tests, SE16N consultants prepare documentation reporting all non-conformities and risks along with recommendations for implementation.
Security overview
SE16N consultants perform a security status review using the SOS (Security Optimization Services) report available as part of the SAP Solution Manager. SAP Security Optimization Services allows you to perform a system analysis, thanks to which we will obtain important information about the security of our environment. The review allows you to determine the risk of hacking into the system, business data confidentiality and user authenticity. This form of analysis will allow you to see if users use the system in accordance with business assumptions and obtain information about potential threats and risks. Thanks to the security review, we ensure the appropriate allocation of rights and secure sensitive data in the company.
Identity management & GRC
We offer the following programming services in the area of Identity Management:
- implementation of GRC access control processes (EAM - emergency access management module, BRM - business role management module, AR - access request module),
- implementation of SAP Netweaver IDM integration scenarios (AD, CUA, ABAP, JAVA, HANA);
- configuration of SAP Cloud Platform identity authentication for cloud and hybrid scenarios.