SecurityBridge, the Cybersecurity Command Centre for SAP, announced the launch of SecurityBridge Security Information Event Management (SIEM) and IT Service Management (ITSM) for SAP.
These innovative company platform additions are designed to enhance SAP-specific security monitoring and incident management.
Broader IT security operations
Through the enhancements, APIs allow workflow integration between infrastructure security and SAP security to enable the sharing of identified IoCs (Indicators of Compromise) and initiate automated compensating controls to bridge the gap with unprecedented visibility.
“With the increasing recognition of SAP vulnerabilities, organisations need robust solutions to ensure this information seamlessly aligns with broader IT security operations,” said Holger Hügel, Product Management Director at SecurityBridge.“SecurityBridge SIEM for SAP and ITSM for SAP provides organisations with enriched threat insights and improved operational efficiency.”
SAP audit and security logs
The solution enriches event messages by correlating SAP audit and security logs with contextual data
SecurityBridge integrates seamlessly with enterprise SIEM and ITSM solutions, offering built-in SAP security monitoring rules customised to fit organisational needs—allowing for rapid deployment and tailored security responses.
Additionally, the solution enriches event messages by correlating SAP audit and security logs with contextual data, including infrastructure details such as hostnames and IP addresses—empowering Security Operations Centres (SOCs) to respond swiftly and effectively.
Additional benefits
- Built-in SAP Security Monitoring Rules: Pre-configured and customisable rules for rapid deployment and effective monitoring.
- Incident Message Enrichment: Delivers actionable insights by correlating SAP events with broader infrastructure details.
- Enhanced Operational Efficiency: This solution provides a unified view of SAP-specific and enterprise-wide security operations, reducing response times and increasing threat visibility.
- Simplified Incident Management for SAP: Drag-and-drop features and seamless ITSM workflows with tools like ServiceNow and Jira, including backlinks to original SAP events for detailed analysis.
Support for change management processes
SecurityBridge addresses this need by embedding essential security checks into SAP’s standard testing
The complexity of SAP applications makes Change Management a critical process that requires seamless integration with technical testing and validation. SecurityBridge addresses this need by embedding essential security checks into SAP’s standard testing and deployment workflows, including the ABAP Test Cockpit (ATC) and SAP Solution Manager.
Its Patch Management feature automates SAP patching within SAP Solution Manager. At the same time, SecurityBridge TRACE (Transport Center) offers advanced validation and control capabilities, ensuring automated and secure deployment of SAP changes across the entire landscape.
Identity and access management (IAM) integration
SAP’s user authorisation system is highly complex and tailored to SAP-specific use cases, making integration into overall Identity and Access Management (IAM) processes essential. SecurityBridge provides detailed insights into SAP user authorisations, identifying critical users and privileges that require attention.
This includes highlighting obsolete users or authorisations to reduce the attack surface and unnecessary elevated privileges that can be safely de-provisioned without disrupting workflows. Additionally, SecurityBridge enables easy extraction of user authorization data for integration with third-party IAM tools, streamlining the management and mitigation of potential risks.
Alignment with SAP Governance, Risk, and Compliance (GRC)
SecurityBridge complements SAP GRC by providing technical SoD monitoring, with predefined rulesets
Segregation of Duties (SoD) is vital to Governance, Risk, and Compliance (GRC), ensuring restricted business functions remain appropriately segregated. SecurityBridge complements SAP GRC by providing technical SoD monitoring, with predefined rulesets offering "can-do" and "did-do" overviews of restricted program executions.
Enhanced by Threat Detection and User and Entity Behaviour Analysis (UEBA), further advancements are planned for 2025. SecurityBridge’s Privileged Access Management (PAM) enforces the “least privilege” principle, enabling ad-hoc elevated access requests with full control and audit review, maintaining consistent end-to-end audit trails without impersonation for efficient forensic analysis.
Availability and pricing
These integrations are currently available and offered as part or as add-ons of the SecurityBridge platform.
