Is SAST the Best SAP Security?
- Security
In the KuppingerCole Leadership Compass report, the SAST GRC Suite secured the top position (leader) in the analysis of security management solutions. What contributed to this assessment of the solution?
Growing awareness of organizations
More and more companies are realizing the importance of taking care of IT systems security and risk management. One of the most important parts of this challenge is managing users and controlling their access within the SAP infrastructure.
40% small and medium-sized enterprises lost confidential data in the last 12 months
Precisely because of the growing interest in security issues, KuppingerCole conducted the Leadership Compass study "Access Control/Access Governance for SAP environments." It shows, first and foremost, which solutions available on the market meet the most important security requirements.
For the first time and already on top?
SAST was included in the survey for the first time. This certainly did not prevent it from becoming a leader among third-party solutions supporting SAP security.
The Leadership Compass study analyzes solutions that support the control and management of access to SAP data. The report compares solutions from companies such as Akquinet, CSI tools, Depp Identity, ERPScan, IBM, SAP, Securinfo, SIVIS and Xpandion. The results primarily allow a preliminary assessment of the effectiveness of the various solutions, and support the appropriate decision regarding the choice of the right tool. Certainly, the report compares individual functionalities and their effectiveness in securing SAP. In the overall evaluation, SAST GRC Suite came in second place and (along with the solutions from SAP itself) was the only vendor to receive a "Leading Provider" ("Leading Provider") rating.
Evaluation criteria
The element that determines such a high rating is that SAST is a comprehensive and highly developed set of tools that covers all GRC requirements with its scope. The software consists of modules that can be integrated directly into SAP. Therefore, it provides all the required functionality to secure the system. Among them: analysis of downloaded SAP data, logging into HCM or full real-time system monitoring).
- The SAST GRC Suite solution is a novel and innovative offering for all business users maintaining their business on SAP infrastructure, said Matthias Reinwarth, senior analyst at KuppingerCole. - The solution in question is first and foremost a comprehensive, extensively tested set of solutions, covering the requirements of all relevant areas of risk management and data compliance in an SAP environment. It is both a traditional GRC security system and a solution for code validation or real-time analysis.
KuppingerCole Leadership Compass report "Access Control/Access Governance for SAP environment" can be downloaded here: https://www.kuppingercole.com/reports
Tomasz Jurgielewicz
Head of Security Department at Lukardi. For the past 10 years, he has led a team of SAP Security specialists, providing comprehensive services and tools to secure SAP systems and optimize licenses. Experience in the areas of: - identification of authorization conflicts and authorization reorganization, - identification of SAP vulnerabilities, - integration of SIEM solutions with SAP, - optimization of SAP licenses.