SAPinsider EMEA 2023 | Cybersecurity

Numerous SAP applications allow users to attach and upload files. Not securing these uploads puts your organization at risk, technically, compliance-wise, and legally. Learn how to protect your SAP application layer from malware and other file-based threats, leveraging SAP’s built-in Virus Scan Interface. This lab focusses on Cloud installations – see our other lab-session On-Premises installations.

You will:

• Understanding the architecture of the SAP Virus Scan Interface.
• Activating the Virus Scan Provider to your SAP-kernel.
• Connecting to a cloud-based Anti-Malware service
• Creating Virus Scan Profiles for simple malware detection.
• Expanding Virus Scan Profiles for advanced threat detection.
• Monitoring and Logging using SAP standard tools and Web-based analytics.

Joerg Schneider-Simon bowbridge Software GmbH CTO With over 25 years of experience in the cyber-security market, Joerg Schneider-Simon, CTO of bowbridge Software, combines a deep technical understanding of cyber threats with a passion for creating solutions to real-world customer problems. Before co-founding bowbridge Software in 2005, Joerg held technical and product marketing positions at industry-leading companies like Check Point, Barracuda Networks, and Trend Micro in Europe and Silicon Valley.

As cyber-attacks continue to multiply, organizations must take measures to prevent the high costs associated with data breach. Conventional security safeguards are increasingly inadequate for protecting the information held in your SAP systems. The session will explore why passwords are the most vulnerable aspect of the security system and how implementing Single Sign-On (SSO) can improve user productivity by allowing users to rely on single strong password or, if required, enabling password-less authentication (zero passwords required). This approach can be combined with policy-based Multi-Factor Authentication (MFA) in line with a Zero Trust framework following a Zero Trust architecture to further increase security while maintaining user productivity.

You will:

• Identify the risk of external and internal attacks in your SAP landscape.
• Minimize the reliance on passwords.
• Understand the pros and cons of applying Multi-Factor Authentication (MFA).

John Mortimer CyberSafe Security ConsultantJohn Mortimer is a security consultant at CyberSafe Limited. John has over 20 years’ experience working with multi-national organizations helping address their enterprise software needs. For the last ten years, John has been helping organizations who are using SAP products, and needing to improve security, often to meet compliance requirements, and utilizing appropriate user authentication (SSO and 2FA/MFA), identity and access management, and secure data transfer.

The implementation of a holistic security architecture is becoming indispensable in the age of cybersecurity and the rapid increase of new applications. The use of cloud-based applications is creating hybrid landscapes that present many customers with new challenges. Not only do cloud solutions need to be secured and documented, but new interfaces between cloud and on-premise solutions are emerging, which need to be implemented cleanly.

You will:

• Learn about the complexity of hybrid landscapes.
• Explore the seamless connection of cloud-based SAP solutions using the Xiting Security Platform and the Xiting Content Platform.
• Gain insights into practical GRC use cases with the Xiting Security Platform and the Xiting Content Platform.

Alessandro Banzer Xiting CEO USAAlessandro has worked in the field of IT since 2004, specializing in SAP in 2009 and working on global SAP projects in various roles since that date. Alessandro is an active contributor and moderator in the Governance, Risk, and Compliance space on SAP SCN. Alessandro is in charge of Xiting’s operations in the United States and a subject matter expert in SAP Access Control, SAP Cloud IAG, and SAP Security. Alessandro is a regular speaker at Sapphire, ASUG, SAP Insider, SAP TechEd, and other SAP Security related events.

Impact 20 Cybersecurity

Authentication methods have developed and changed over time. For many years, passwords have been the common practice with nearly every application requiring one. To reduce the burden of remembering multiple passwords and enhance user efficiency, Single Sign-On (SSO) was implemented. However, despite this, passwords increasingly became a target for phishing attacks, leading to a rise in security violations. This prompted the implementation of two or multi-factor authentication (2FA/MFA), necessitating additional verification measures to ensure that attackers cannot gain access even if they have the user’s password. The optimal situation is one where the users don’t have to remember any passwords yet can still confirm their identity. As the need for strong authentication grows in a zero-trust environment where it is viewed as the “golden bullet,” the demand for passwordless authentication is on the rise.

You will:

• Explore the evolution, benefits, and practical application of Passwords, SSO, 2FA/MFA, Passwordless, Zero Trust.
• Understand how multiple authentication methods are used across different platforms and the complexities involved.
• Gain a comprehensive understanding of passwordless authentication methods and their practical application in today’s digital landscape.

Tim Alsop CyberSafe CTO Tim Alsop is an expert with over 25 years of experience in SAP security, especially related to encryption, authentication, secure single sign-on and more recently in two/multi-factor authentication for users who logon to SAP systems.

Cafe Session Cybersecurity

The digital revolution is accelerating at an unprecedented pace, placing security and performance at the forefront of business priorities. Remote Function Calls (RFCs) play a vital role in these priorities, enabling seamless data exchange but often acting as a gateway to vulnerabilities. This session will explore how businesses can harness the synergy of SAP’s Unified Connectivity (UCON) framework and sound authorization management to bolster security and efficiency in RFCs. SAP UCON adds a robust layer of protection by preventing unnecessary external access to Remote Function Modules (RFMs). However, while UCON restricts external access, it doesn’t regulate user-level access; that’s where tailored authorizations come into play. By effectively reauthorizing RFC users, the risks of over-privileged RFC interfaces and corresponding technical users can be minimized without hindering operational flow. The combination of these two elements offers a comprehensive solution for securing and optimizing your SAP systems.

You will:

• Gain practical insights into how these tools can be used, potential challenges that might be encountered, and how to maximize their potential to benefit your business operations.
• Explore how to configure and leverage SAP UCON for RFC interface security, and the critical role of the default communication assembly.
• Understand why SAP UCON is not a standalone solution and why proper user-level authorization management is required.
• Learn how XAMS enhances role building and testing, streamlines RFC authorization creation, and optimizes RFC interfaces with minimal operational disruption.
• Learn the synergistic benefits of utilizing both SAP UCON and XAMS in securing and optimizing SAP systems, including an understanding of the dual-check process in SAP’s security framework.
• Discover best practices and practical steps for harnessing the power of standard solutions in your SAP system.

Alessandro Banzer Xiting Principal SAP SecurityAlessandro has worked in the field of IT since 2004, specializing in SAP in 2009 and working on global SAP projects in various roles since that date. Alessandro is an active contributor and moderator in the Governance, Risk, and Compliance space on SAP SCN. Alessandro is in charge of Xiting’s operations in the United States and a subject matter expert in SAP Access Control, SAP Cloud IAG, and SAP Security. Alessandro is a regular speaker at SAPPHire, ASUG, SAP Insider, SAP TechEd, and other SAP Security related events.

Julian Petersohn Fortinet Global SAP System EngineerJulian is the Global SAP Security Engineer at Fortinet. In this role, Julian develops and designs SAP Security Solutions for Fortinet. He researches actual SAP threats and builds solutions to prevent unwanted access to data. In the past, Julian worked as an SAP Security Consultant where he gained experience in penetration testing and security audits of SAP systems.

OMV will share insights on SAP cybersecurity and explore various SAP solutions that are instrumental in achieving a holistic security standard, enhancing how they secure and execute compliance requirements. This session will delve into OMV’s journey and the array of solutions they have implemented, featuring tools such as SAP Configuration Validation, SAP System Recommendation, SAP Enterprise Threat Detection, and SAP Code Vulnerability Analyzer.

You will:

• Learn how you can benefit from SAP standard security products.
• Learn the elements necessary to gain a comprehensive view of SAP security.
• Investigate strategies to protect SAP applications from cyber threats.

Daniel Preiser OMV Aktiengesellschaft Senior Expert SAP Cyber Security Architecture & SIEM Daniel’s responsibility in the SAP Cyber Security area compasses the real-time monitoring of SAP applications using SAP Enterprise Threat Detection, the secure and compliant configuration of SAP systems as well as the constant patch & upgrade management of SAP systems.

This session will educate participants on enhancing the security of their SAP Business Technology Platform (BTP) environment. Attendees will get a comprehensive overview on how to configure SAP BTP services securely. From identity authentication and secure connectivity to leveraging the audit log service, the session will cover the essential techniques to fortify SAP BTP environment against security threats and ensure that participants are equipped with essential techniques and strategies to secure their SAP BTP environments.

You will:

• Understand the foundation for a secure configuration.
• Gain insights to a broad spectrum of vital security techniques, ranging from identity authentication to secure connectivity.
• Learn to utilize the audit log service effectively within the SAP BTP environment.

Juergen Adolf SAP Security Expert Security Solutions Expert at SAP, guiding customers on our security products and features. I address queries, offer insights, and showcase the benefits of our business technology platform. At SAP and non-SAP events, I conduct lectures and hands-on sessions. I bridge customer needs to development, ensuring our products stay cutting-edge. Dedicated to creating a safer digital world, I continuously learn and advocate for robust cybersecurity practices.

Think your anti-virus software shields your SAP applications? Think again! Numerous SAP-based applications enable users to attach documents or files to various business processes. Whether it’s a job applicant uploading a CV, photos taken by a field technician using a FIORI app, or a sales representative scanning a lunch receipt for a travel expense application, these uploads can carry hidden risks. Most businesses understand that malware may accompany these uploaded files, and as a result, they install state-of-the-art anti-virus software to scan files, inbound emails, and web traffic across all desktops and servers. With this measure in place, they often believe their company is safeguarded.

But the reality is, this protection only extends to the OS level. Since OS-level anti-virus solutions do not detect uploads into SAP applications, SAP systems and users remain exposed.

This joint session by bowbridge and Henkel will explore how Henkel is managing this overlooked threat by integrating SAP-certified, SAP VSI-compliant anti-malware, and content-scanning solutions into both on-premises and cloud environments.

You will:

• Understand how unrestricted file uploads threaten SAP applications.
• Learn about SAP’s Virus Scan Interface VSI.
• Explore how Henkel implemented VSI-based protection on-prem and in RISE.

Jörg Schneider-Simon bowbridge Software Chief Technology Officer With over 25 years of experience in the cyber-security market, Joerg Schneider-Simon, CTO of bowbridge Software, combines a deep technical understanding of cyber threats with a passion for creating solutions to real-world customer problems. Before co-founding bowbridge Software in 2005, Joerg held technical and product marketing positions at industry-leading companies like Check Point, Barracuda Networks, and Trend Micro in Europe and Silicon Valley.

Markus Hille Henkel Manager SAP Security Markus Hille is Manager SAP Security at Henkel, a German multinational chemical and consumer goods company headquartered in Düsseldorf. He holds a degree in Computer Science from University of Bonn and combines it with 7 years of experience in SAP technologies and 5 years specialized in SAP security to design and implement usable security solutions based on secure architectures and processes across Henkel’s large and hybrid SAP system landscapes.

This session will explore the process Kerry Group followed to implement a global SAP landscape, including SAP Access Control. The speakers will elaborate on the requirements Kerry had at a process level and how SAP Access Control was integrated with Service Now, which made its operations safer and easier to handle. The session will also explore the multiple improvements which have been applied, examine the current challenges, and investigate the security strategies to address them.

You will:

• Provide an overview of Kerry and Kerryconnect project.
• Learn about the evolution of Kerry’s SAP Access Request process.
• Focus on the Leavers Process IGA Integration and Early Watch Alerts now in SAP for Me.
• Learn about the Self-Service Execution of Security Optimization Service via Solution Manager.
• Explore the Cyber Security tools for an SAP landscape.

Guillermo Casado Kerry Group ICT SAP Security Lead SAP Security specialist based in Cork, Ireland with over 18 years of SAP experience, 13 of them on Security, having worked in all landscapes and modules.

Cybersecurity challenges are evolving every day – new attack methods, compliance requirements, and technologies like AI require us to stay up-to-date on the latest challenges and trends. In 2023, cloud computing continued to redefine the architecture of the SAP landscape, new attack vectors were identified for different SAP technologies, compliance requirements like DORA have been introduced, and some companies haven’t even begun their transition to S/4HANA. To prepare ourselves for 2024, we’ll show todays’ SAP security challenges for small and big companies and give an outlook to 2024. Are you prepared?

You will:

• Learn about the current SAP security challenges and where are we heading in 2024.
• Hear what has happened in 2023 related to SAP security.
• Learn about the current technological challenges and threats.
• Examine how AI influences SAP cybersecurity.

Frederik Weidemann Orgaverse GmbH CEO Frederik has 17 years of experience in the IT security industry and holds a diploma in computer-science. He has focused on ERP and SAP Security since 2006 and has presented over 50 times at security and SAP related conferences including RSA, Troopers, SAP TechEd, and others. Frederik is also the co-author of the first book on Secure ABAP Programming. Prior to joining Orgaverse, he was Chief Technical Evangelist at Onapsis driving innovation.

Nintendo’s journey with SAP is a testament to the positive outcomes achievable when technology and security are given the attention they deserve. The session will display Nintendo’s experience to inspire others and showcase the impact of SAP Enterprise Threat Detection (ETD) in safeguarding critical assets.

You will:

• Learn about Nintendo’s SAP Journey – their entry into SAP and their path so far, technologies used, and security considerations.
• Gain insights into Nintendo’s initial technology adoption and subsequent upgrades to enhance performance and efficiency.
• Learn how Nintendo took a proactive stance on IT security, transforming their SAP environment into a stronghold against potential threats.
• Explore the features and capabilities of SAP ETD, and how Nintendo leveraged this tool to strengthen their security posture.

Andreas Lang Nintendo Of Europe GmbH SAP Architecture & Technology Manager Andreas, a dedicated professional with 25 years at Nintendo, has played a pivotal role in numerous software solution implementations as a project manager, software, and database developer. In the SAP implementation, he took charge of architecture, technology, and development. Since 2018, Andreas has been leading SAP Business Platform Support, ensuring the seamless operation of the SAP landscape.

This session will offer a glimpse into the journey of one of Onapsis’s customers, including a detailed examination of the implementation process and an overview of the deployed products that ensure the customer’s business remains secure.

You will:

• Gain knowledge about key aspects of security, including Vulnerability Management, Patch Management, Compliance Management, Threat Management, Security Operations Center integration, and Secure Software Development.
• Explore strategies for ensuring that SAP Security is integrated and not treated as a standalone island, thereby enhancing overall protection.
• Get insights into the Onapsis Platform, learning about its capabilities and how it contributes to a robust cybersecurity framework.

Onapsis

“The future is already here – it is not evenly distributed.” Even though early adopters began moving to the public cloud a decade ago, we find ourselves still at the initial stages of Cloud Transformation. This transformation’s impact ripples through organizations in ways that many are unprepared for. Adopting a cloud-native approach necessitates a transformation that goes far beyond developer teams, affecting every layer of an organization.

Current cloud best practices remain undefined. Our conventional frameworks and playbooks, built on years of expertise, often don’t align well with the unique demands of the cloud. How then do we communicate this new paradigm to colleagues, partners, auditors, and customers? The new security risks of the cloud are ever-present, but the cybersecurity industry itself is in transition, with vendors, offerings, and even market categories in constant flux. At the same time, major cloud providers continue to advance their services at an impressive pace.

SAP managed to navigate these complex challenges as its multi-cloud landscape expanded rapidly. This was achieved by fostering a shared sense of destiny across the organization. Attend this session to glean insights from SAP’s experience,and arm yourself with the knowledge needed to secure your own cloud journey, embracing both the opportunities and the unique challenges that the cloud presents.

You will:

• Understand cloud security fundamentals and learn the core principles and best practices for cloud security.
• Explore the approaches of shared responsibility models, where both the cloud provider and the user have specific roles in ensuring security, as well as the tools and techniques used to protect data, applications, and networks in the cloud.
• Learn how to tailor security measures to fit your unique cloud environment and business requirements.
• Gain insights into how to align cloud security strategies with legal requirements such as GDPR, HIPAA, or other industry-specific regulations, ensuring both legal compliance and a robust security posture.

Jay Thoden van Velzen SAP

The session will take the participants on a comprehensive journey through the security landscape of RISE with SAP and GROW with SAP solutions, and will render invaluable insights into the enhanced protection and resilience they offer. The session will shed light on the cutting-edge technologies and advanced encryption mechanisms deployed to safeguard sensitive data and help complying with regulatory requirements in the cloud environment. Moreover, attendees will explore the key differentiators that distinguish cloud-based security from conventional on-premise SAP security practices. From the role of cloud service providers to the integration of continuous monitoring and threat detection, this session will elucidate the transformational shift in security paradigms with the adoption of cloud-based SAP solutions.

You will:

• Learn how RISE with SAP and GROW with SAP solutions enhance protection and resilience in a cloud environment.
• Explore the cutting-edge technologies and advanced encryption mechanisms that are crucial for protecting sensitive information.
• Understand how new security measures facilitate compliance with regulatory requirements.
• Recognize the unique attributes and benefits of cloud security and the key differences that set cloud-based security apart from traditional on-premise SAP security practices.
• Investigate the role of cloud service providers and the integration of continuous monitoring and threat detection within the cloud-based SAP solutions.

Gabriele Fiata SAP

Understanding the potential impact of cyber threats on business processes and estimating potential losses is crucial for making informed risk-based decisions. This session will explore the concept of Cyber Risk Quantification, its significance in today’s cybersecurity strategies, and the process of quantifying cyber risks especially in the SAP realm, while providing practical insights into its implementation and benefits. The session will include a demo of the cybersecurity dashboard on SAP Analytics Cloud, a powerful tool tailored to monitor, analyze, and respond to security incidents within SAP systems.

You will:

• Learn about Cyber Risk Quantification and how it helps in measuring and prioritizing risks, particularly in the context of SAP systems.
• Gain practical knowledge on how to implement Cyber Risk Quantification, including the methodologies and tools required to effectively quantify and manage cyber risks.
• Attend a live demonstration of the cybersecurity dashboard on SAP Analytics Cloud and understand how this powerful tool can be tailored to monitor, analyze, and respond to security incidents in SAP environments.

Gabriele Fiata SAP

This session will allow the participants to discover the latest advancements and future trajectory of SAP Security Solutions. Led by SAP security experts, the session will delve into the newest innovations and enhancements in SAP Security Solutions, offering participants a comprehensive overview of the state-of-the-art tools and technologies available for bolstering their organization’s defenses. Attendees will gain exclusive insights into SAP’s strategic roadmap, exploring the company’s proactive approach to addressing emerging security challenges. Whether you are a seasoned IT professional or a business leader, join us to gain valuable perspectives on securing your SAP environment and charting a secure course for your digital future.

You will:

• Get a holistic understanding of state-of-the-art SAP Security Solutions.
• Gain insights into SAP’s proactive strategies for tackling emerging security challenges.
• Learn about strategies to secure your SAP environment and navigate the path to a protected digital future.

Arndt Lingscheid SAP

Designed to provide a hands-on understanding of SAP Enterprise Threat Detection (ETD), this session, led by a team of SAP ETD specialists will learn to effectively identify suspicious activities in SAP S/4HANA and implement proactive mitigation strategies to prevent data breaches. The session will equip attendees with the skills to implement forward-thinking strategies that can prevent such breaches from occurring. By combining theoretical knowledge with practical application, this session aims to empower attendees with actionable insights to enhance their SAP environment’s security.

You will:

• Gain an in-depth understanding of SAP Enterprise Threat Detection and its application in SAP S/4HANA.
• Understand how SAP ETD functions, its features, and its importance in identifying potential threats within SAP environments.
• Recognize how to monitor and detect suspicious activities that could signify potential data breaches.
• Learn to implement proactive measures to prevent data breaches and apply mitigation strategies effectively within SAP S/4HANA.

Arndt Lingscheid SAP

The digital revolution is accelerating at an unprecedented pace, placing security and performance at the forefront of business priorities. Remote Function Calls (RFCs) play a vital role in these priorities, enabling seamless data exchange but often acting as a gateway to vulnerabilities. This session will explore how businesses can harness the synergy of SAP’s Unified Connectivity (UCON) framework and sound authorization management to bolster security and efficiency in RFCs. SAP UCON adds a robust layer of protection by preventing unnecessary external access to Remote Function Modules (RFMs). However, while UCON restricts external access, it doesn’t regulate user-level access; that’s where tailored authorizations come into play. By effectively reauthorizing RFC users, the risks of over-privileged RFC interfaces and corresponding technical users can be minimized without hindering operational flow. The combination of these two elements offers a comprehensive solution for securing and optimizing your SAP systems.

You will:

• Gain practical insights into how these tools can be used, potential challenges that might be encountered, and how to maximize their potential to benefit your business operations.
• Explore how to configure and leverage SAP UCON for RFC interface security, and the critical role of the default communication assembly.
• Understand why SAP UCON is not a standalone solution and why proper user-level authorization management is required.
• Learn how XAMS enhances role building and testing, streamlines RFC authorization creation, and optimizes RFC interfaces with minimal operational disruption.
• Learn the synergistic benefits of utilizing both SAP UCON and XAMS in securing and optimizing SAP systems, including an understanding of the dual-check process in SAP’s security framework.
• Discover best practices and practical steps for harnessing the power of standard solutions in your SAP system.

Alessandro Banzer Xiting SAP Security ExpertAlessandro has worked in the field of IT since 2004, specializing in SAP in 2009 and working on global SAP projects in various roles since that date. Alessandro is an active contributor and moderator in the Governance, Risk, and Compliance space on SAP SCN. Alessandro is in charge of Xiting’s operations in the United States and a subject matter expert in SAP Access Control, SAP Cloud IAG, and SAP Security. Alessandro is a regular speaker at SAPPHire, ASUG, SAP Insider, SAP TechEd, and other SAP Security related events.

Julian Petersohn Fortinet Global SAP System EngineerJulian is the Global SAP Security Engineer at Fortinet. In this role, Julian develops and designs SAP Security Solutions for Fortinet. He researches actual SAP threats and builds solutions to prevent unwanted access to data. In the past, Julian worked as an SAP Security Consultant where he gained experience in penetration testing and security audits of SAP systems.

Businesses today are in a constant state of digital transformation. SAP software plays a key role in driving this transformation by offering comprehensive solutions that boost efficiency, scalability, and innovation throughout the entire enterprise. A rise in ransomware attacks, along with new privacy laws designed to protect personal data, means securing your SAP environment is more crucial than ever. Security breaches can result in downtime, high costs, and damage to your organization’s reputation. Join the session to get a clear roadmap for safeguarding your SAP systems while simultaneously fostering an environment for innovation and transformation.

You will:

• Take a holistic view of your cybersecurity strategies to make sure they address the current threats.
• Learn how to implement a strategy to respond to breaches and attacks.
• Learn how to ensure SAP security from the platform’s core.

Brian Petch SUSE Sales EngineerBrian has worked in the IT industry for thirty years, across a variety of technical positions including Technical Pre-Sales roles with Hewlett Packard Enterprise and SUSE, where he has been for the last five years. Across that time he has been involved in a number of SAP projects, dealing with aspects such as sizing, infrastructure design and high availability architecture.

Hendrik Heyn xiting Global CEOHendrik Heyn is the Global CEO of Xiting since 2022. His prior roles include serving as the Managing Director of Xiting GmbH in Germany since 2018. Hendrik has several years of experience as a SAP Security Consultant and has been working on various SAP authorization projects. He is focused on the strategic and forward-looking direction of the Xiting product portfolio.

A secure SAP platform can’t be understood without a patched and updated SAP environment. Vulnerabilities pose a significant risk to an organization’s operation, and patching is crucial to maintain system security and stability, so patching and updating software is always a top priority. However, the reality of patching complex systems like SAP differs from patching less complex software that isn’t mission-critical. The patch of the system may mean service downtime and a complex operation that could directly impact a company’s business, creating a paradox. Join the session and learn how SUSE can help you update complex systems like SAP.

You will:

• Learn what the paradox of patching is and how its impact your business.
• Understand why critical systems tend to be less patched, despite the priority of securing the platform, and why it is crucial to address security and stability.
• Learn how to build a more straightforward patching process that requires neither service downtime nor more maintenance windows.

Stephen Mogg SUSE Public Cloud Solutions Architect (AWS)With a passion for Open-Source solutions, Stephen has been working at SUSE for over 20 years. In that time, Stephen has been a trusted partner, adviser and advocate for SUSE technology in businesses across Europe. In recent years, his focus has been increasingly concentrated around the AWS Cloud. As it gathers mindshare and is seen as a favored destination for nearly every workload, he is working with SUSE, AWS Channel and Public Cloud partners to support SUSE customers on this journey.