SECUDE Security Center

SECUDE Security Center is a security analysis software platform tuned specifically for the SAP NetWeaver environment; it scans SAP instance configurations on an automated schedule for potential vulnerabilities based on company-specific guidelines and general best practices, and alarms/reports risks to appropriate personnel.

The product runs on a central server with a DB connection and is accessed via a browser-based interface. In brief, the product connects to the specified SAP instances ("up to hundreds") on an administrator defined schedule, gathers information pertaining to each SAP configuration, and returns this information to the central server for analysis and storage. Reports and alarms can be generated from this stored data for various stakeholders in the organization.

SECUDE Security Center bases its findings on an analysis of current configurations and comparison to pre-packaged best practice information, which the vendor states is frequently updated. This information contains definitions of the vulnerabilities that should be checked for, information pertaining to their resolution, and SAP NetWeaver security advisories, all of which can be accessed by the organization's security administrators. The pre-packaged information is delivered in modular components known as "Expertise Packs," with the customer able to select those packs most relevant to their organization and needs. As of this writing, two such packs are available: The Expertise Pack for SAP RFC, which helps to detect vulnerabilities in SAP Gateway configurations; and the Expertise Pack for User Access, which analyzes user-access specific vulnerabilities (vulnerabilities related to roles and permissions are not analyzed; as this platform is focused only on the NetWeaver and not the business process layer). The vendor states that additional Expertise Packs are in development.

Contact SECUDE International for further information.