SAP Security Orchestration with Xiting’s Security Solutions
Xiting has developed security orchestration solutions specifically for SAP systems to help enterprises ensure that their security measures are both efficient and effective.
An easy-to-understand example of difficult-to-enforce security setting across the entire landscape are password complexity policies that make sure that all user passwords meet the minimum complexity requirement as defined by the organization.
Xiting’s solution was built to gather, normalize, and analyze data from both on-premise and cloud solutions to provide real-time monitoring and alerting in case security-relevant events are detected.
Managing security and compliance in a hybrid landscape is a cumbersome and error-prone task. As an SAP customer, your landscape is ever-growing, and individually managing applications is almost impossible. Our solution is designed to make it easy to achieve a real-time, unified view for faster and more comprehensive analysis. Its centralized logging and monitoring can help you see whether critical configuration and security changes are functional.
With standard interfaces to your Security Information and Event Management (SIEM) system, our solutions allow you to extend your SIEM system with SAP events. For example, you can achieve real-time monitoring to check the assignment of profile SAP_ALL in your production systems. As soon as assigned, Xiting will trigger an alert and notify the respective persons, either through the SIEM integration or via email.
Whether your SAP applications, services, and data are housed on-premise or in the cloud, automation and orchestration make complex cyber processes run smoothly. The more security measures you are managing, the more helpful tools will become.
Table of Contents
What is SAP Security Orchestration?
Orchestration is an important topic in the cloud and DevOps world. Security orchestration, not only for SAP but in general, refers to the arrangement and coordination of automated tasks that result in a consolidated workflow or process. Orchestration differs from automation in the sense that automation refers to a single task, and orchestration arranges tasks to optimize a whole workflow. For example, orchestrating security in SAP not only means checking security parameters but also connecting them to other systems (e.g. SIEM). As an SAP security administrator, over the years you implemented ad-hoc automation in various areas (e.g. use of SAP Access Control, use of the SAP Code Vulnerability Scanner, CUA, workflows, etc.) in a very opportunistic fashion. All of those automations are siloed. They are not interconnected and the holistic approach is missing. To avoid these types of implementations and automation, Xiting introduces a holistic and systematic approach that maximizes automation benefits and reduces costs.
SAP Security orchestration with Xiting enables you to accelerate the delivery and implementation of new solutions and services, and adopt hybrid infrastructures by orchestrating processes across multiple solutions, systems and landscapes. Xiting leverages a unified user interface with insight into your security regardless of the solution or system, and a full-stack integration to SIEM tools. Our tools improve the user experience for our customers and provide real-time insight and continuous compliance and governance.
Automating Security with Xiting
To automate and normalize your cybersecurity-related data is a formidable task that often is time-intense and error-prone. Xiting offers machine-driven normalization of your security settings and parameters, along with full contextual search and in-depth data visualization to get to the root cause of your security issues. Our solution comes with best-practice security guidelines based on leading practices from ASUG/DSAG, as well as leading auditing firms. We regularly update our content to stay up-to-date with the ever-changing world of SAP.
The actionable insight into your security empowers you to address security and compliance concerns more quickly and more efficiently. Xiting is designed with advanced workflows and alerting options that ensure that threats and issues never go undetected. Xiting offers real-time insight into an extensive set of issues, for example, like:
- A user got profile SAP_ALL assigned in production
- The change of an important security parameter in a productive environment, e.g. the Security Audit Log has stopped collecting data because the file reached the maximum allowed size
- Newly created RFC connection from DEV to PROD
Real-time visibility into the above issues along with alerting and workflows for proper handling of the situation allows you to stay compliant across the board. The drill-down functionality of our dashboards allows you to visually process issues, but also to dig into a violation to see what happened in greater detail.
Xiting also lets you include visual dashboards and extensive details to support your findings. You can schedule reports to run every day, every week, or whenever needed – every report is stored so that you can always go back and compare past results with the present.
Why Security Orchestration is important
Automation and orchestration of security is an important aspect that enables you to govern your overall security. When threats occur, your business might be immediately impacted due to loss of productivity, data breaches, data manipulation, compliance failures but also reputational risks. All of these occurrences can be costly and must be handled by design.
The multitude of potential cyber-attacks and their vectors often make it impossible to properly manage them. With our tools, we provide proactive measures that allow you to constantly monitor your entire landscape, both on-premise and cloud.
Xiting offers proactive monitoring that lets you build an effective defense against cyber threats using security orchestration and automation for your entire SAP landscape. Security orchestration and automation is important because it helps unify and streamline security measures in a way that enables businesses to quickly deliver more effective responses to cyberthreats.
The Xiting Advantage
Our solution helps you to use your time more effectively by simplifying and automating repetitive manual tasks. We replace slow, manual processes with automated, integrated security orchestration and automation approaches. That includes:
- Monitoring your security landscape: automatically monitor your SAP systems and recognize potential issues. This includes scanning of security parameters, authentication and authorizations, monitoring critical access, logging emergency and elevated access activities, as well as code scanning to ensure your custom code is secured.
- Issue alerts: ability to instantly report if an issue is discovered strengthens access governance. Alerts can be in the form of escalation emails, in-platform notifications, as well as other ways of communication and the integration to your SIEM.
- Mitigate and remediate threats: Xiting offers a mitigation framework to mitigate known risks (e.g. user DDIC has SAP_ALL), as well as detailed insight to provide you the information to remediate the threat immediately. We apply threat intelligence on your vulnerabilities to improve the overall security posture against advanced targeted attacks.
- Reporting and KPIs: Xiting allows you to run periodic reports to demonstrate regulatory compliance requirements are met across your landscape. This includes SAP NetWeaver based systems like SAP ERP, SAP S/4HANA, SAP Solution Manager, etc. but also Java stacks, and SAP’s cloud applications.
The Xiting Security Platform with its native integration with the Xiting Authorizations Management Suite (XAMS), as well as other security tools, not only allows you to centrally monitor your entire SAP landscapes, it also offers tools to remediate issues as they occur.
Xiting goes beyond Monitoring
Xiting plans to offer a variety of additional tools that generate value-add for our customers. The following three topics are key parts of our future offering:
- Identity Consolidation: centrally consolidate identities of your entire SAP landscape, from on-premise all the way to cloud applications. Get insight into your users and their authorizations via a central cockpit.
- Hybrid Risk Analysis: benefit from the ability to centrally analyze Segregation of Duties (SoD) conflicts as well as critical access in your on-premise and cloud applications. Cross-system risks, as well as single-system risks, can be analyzed at the same time.
- Role Mining and Business Roles: our solutions allow us to gain insight into all your SAP applications. We can help you create, maintain and assign business roles to your end-users. With our proprietary rule set, we can tell you which role combination of on-premise and cloud applications shall be combined into a business role.
Contact us to learn more about how Xiting’s solutions can help you to be more efficient, better protected against security threats, and have all the tools available to better support your stakeholders.