Layer Seven Launches New Edition of Cybersecurity Extension for SAP

Layer Seven Security has officially released the Cybersecurity Extension for SAP, NetWeaver Edition, marking a significant shift in how organizations can secure their business-critical SAP environments. The new release eliminates the dependency on Application Lifecycle Management (ALM) platforms such as SAP Solution Manager (SolMan), SAP Focused Run (FRUN), and SAP Cloud ALM, allowing direct deployment to SAP NetWeaver AS ABAP systems, including SAP GRC, SAP ERP, and SAP S/4HANA.

With SAP Solution Manager nearing end of maintenance in 2027, Layer Seven Security’s new NetWeaver Edition enables enterprises to protect mission-critical SAP applications without relying on ALM platforms. The release gives SAP teams a streamlined path to vulnerability management, custom code security, patching, and threat detection.

The move comes as SAP prepares to retire mainstream maintenance for SolMan by December 31, 2027. For enterprises running SAP GRC, SAP S/4HANA, and SAP ERP on NetWeaver, the update offers a direct, lightweight way to address cybersecurity requirements while avoiding technical debt from aging ALM platforms.

A Security Shift Away from SolMan

Originally engineered as an add-on for SAP ALM platforms, Layer Seven Security’s Cybersecurity Extension leveraged components such as the Extractor Framework, Configuration and Change Database (CCDB), System Recommendations, and Monitoring and Alerting Infrastructure (MAI). But with SolMan’s support horizon now in sight, Layer Seven Security redesigned the product in 2024 to function independently.

The result, completed in July 2025, enables deployment to any SAP NetWeaver AS ABAP system, version 7.40 or higher. This includes all SAP ABAP and HANA solutions and SAP ASE databases, including SAP ECC and SAP S/4HANA. By decoupling from SolMan and FRUN, organizations can now integrate security directly into their existing SAP landscape, including RISE with SAP, without requiring external connections or integration with SAP Cloud ALM.

The NetWeaver Edition includes the complete suite of core security applications: vulnerability management, patch management, custom code security, compliance reporting, and threat detection with security alerting and forensics capabilities. This comprehensive coverage extends to all SAP ABAP and HANA solutions, as well as SAP ASE databases, encompassing both SAP ECC and S/4HANA environments.

Future releases are already mapped out. A second release, scheduled for September 2025, will extend coverage to SAP AS Java, SAP Cloud Connector, SAProuter, SAP Web Dispatcher, and SAP Cloud Services, including SAP Business Technology Platform (BTP). By December 2025, Layer Seven Security aims to deliver full parity with the SolMan-based edition, including cross-stack monitoring of operating system and database security.

What This Means for SAP Insiders

IT infrastructure simplification drives 2025-2027 SAP security strategy. The approaching December 31, 2027, end-of-life for SAP Solution Manager is accelerating enterprise decisions to eliminate complex ALM dependencies across their SAP landscapes. Organizations are prioritizing security solutions that reduce operational overhead while maintaining comprehensive coverage, reflecting broader industry trends toward infrastructure consolidation and cost optimization. This shift represents a fundamental change in how enterprises approach SAP security architecture, with direct deployment models becoming the preferred standard for new implementations.

Eliminate SolMan dependency to improve SAP security operations. For SAP leaders, the NetWeaver Edition eliminates the need for SAP Solution Manager and FRUN, which have limited support timelines. This independence simplifies security monitoring by integrating tools directly into NetWeaver-based systems like ECC, GRC, and S/4HANA. CIOs and CISOs benefit from faster deployment with less operational overhead, potentially easing the burden on IT teams. By removing the SolMan dependency, companies avoid lock-in to an aging platform and enhance long-term agility.

Expand SAP security coverage across hybrid and cloud environments. Layer Seven Security’s roadmap guarantees that customers adopting hybrid or RISE models can extend security seamlessly to Java, SAProuter, SAP Web Dispatcher, and SAP BTP. This expansion aligns with how many enterprises are modernizing SAP landscapes, distributing workloads across on-premises and cloud systems. As enterprises diversify infrastructure, broader coverage reduces risk and the need for point solutions. This creates a more resilient security framework tailored to today’s evolving SAP deployments.