SAP Client-side Security Assessment
“Could someone attack my organization’s end-users by abusing SAP vulnerabilities and achieve access to my business-critical information? What can I do to stop him?”
Employees access SAP systems through two main channels: SAP GUI and Web, being the first one the most widely deployed. SAP GUI is a complex client solution, shipped with several technologies to provide a flexible operation of the company’s SAP environment. This complexity can be, as a collateral effect, the source for many security risks that could be exploited by malicious attackers to access end-users workstations.
The SAP Client-side Security Assessment service analyzes your SAP GUI implementations looking for security vulnerabilities such as:
- Missing security patches
- Existence of vulnerable SAP ActiveX controls
- Insecure history configuration
- Insecure Security Module configuration
- Detect threats that could be exploited by the growing trend of client-side cyber attacks.
- Obtain a suggested action plan and detailed solutions to mitigate discovered risks, increasing the security level of your end-users systems.
- Executive Report with a summary of existing risks and the possible impacts for your business.
- Detailed Technical Report, providing detailed vulnerability information.
- Mitigation Plan Report, presenting a recommended action plan with detailed mitigation activities for each detected issue.