Securing SAProuter: How to Get More Complete Protection for This Critical SAP Asset

We’ve been raising awareness of rising cyber attacks targeting critical SAP systems for years now. Most recently, we partnered with Flashpoint on a new threat report that detailed alarming increases in ransomware incidents involving compromised SAP systems and proof that unpatched SAP vulnerabilities are actively being exploited for financial gain, espionage and sabotage. What are you doing for protection?

We’re happy to see more and more organizations responding to this elevated SAP threat landscape by turning their attention to hardening their SAP applications and investing in improving their SAP security postures. This applies not only to “traditional” assets across the SAP tech stack (e.g., ABAP, HANA, JAVA), but also specific applications, such as SAP SuccessFactors, SAP BTP, and SAProuter.

What is SAProuter?

SAProuter is a software application that acts as a proxy between SAP systems or between SAP systems and outside networks. It can also act as an additional firewall for customers’ SAP systems and helps organizations control access to their SAP. It is an essential asset within SAP landscapes, used by virtually every organization running SAP.

Why is protecting SAProuter so important?

SAProuter is a network-accessible point of ingress for attackers that, if successfully breached, could allow unauthorized access to an organization’s critical SAP system. Given this, it’s essential that organizations include SAProuter in their SAP cyber-resilience plans. Two key strategies for protecting an application like this–per NIST, as well as Onapsis and SAP–are:

• Vulnerability management (e.g., identifying asset vulnerabilities, understanding their risk, remediating)
• Continuous threat and security monitoring (e.g., detecting threats and anomalous activity, understanding impact, mitigating)

However, implementing those strategies is much easier said than done. Most of the tools security teams would traditionally use to accomplish this don’t sufficiently support SAP, especially not specific applications like SAProuter. This leaves InfoSec without the visibility and context they need to effectively identify and manage vulnerabilities and monitor for suspicious behavior within this critical, external-facing application.

Securing Your SAProuter Just Got a Lot Easier with Onapsis

Onapsis makes it easy for customers to run both point-in-time vulnerability scans and continuous threat monitoring for SAProuter, giving them more complete protection aligned with cybersecurity best practices and NIST recommendations.

Last year, we released Onapsis Assesssupport for SAProuter, allowing our customers to extend their vulnerability management efforts to this critical asset with automated, targeted scans and risk-driven analysis to help them prioritize and accelerate response. With this product enhancement, customers can eliminate the need to manually review SAProuter SecurityNotes and releases and automatically identify insecure configurations that could allow unauthorized access to SAP systems.

And now, we’re very excited to announce that we’ve updated Onapsis Defend to support SAProuter as well. Customers are now able to continuously monitor SAProuter for insider threats and potential indicators of compromise, while gaining the ability to:

• Detect unauthorized user access faster with targeted alerts for logins by specific users, logins from external networks, and anomalous or unsuccessful login attempts.
• Identify unapproved or unexpected changes to the access control list (ACL) that could open unauthorized access to their SAP systems.

And because the Onapsis Platform doesn’t sit directly on your SAP systems, you won’t have to worry about compromising the security of or stealing resources from your critical production SAP landscape.

We’re proud to provide the most complete protection coverage for the most critical SAP targets than any other competitor in the market. From RISE with SAP and SAP BTP to SAP SuccessFactors and across the SAP tech stack, Onapsis helps secure what matters most to global organizations.