CYBERSECURITY & GRC FOR SAP

One mistake that can cost your company millions of financial loss

Cyber security of data, processes and systems in the company is no longer a luxury nor optional solution.
Contact us

The continuous development of cyber-crime has become a fact, and companies are leaking millions per year (PWC report "Global Economic Crime Survey 2020").

This is the money that can be spent on development and investment. Instead, it ends up in the pockets of cybercriminals or is "burned through" by any post-attack repairs.

These companies have trusted us

Pobierz Darmowy E-book o bezpieczeństwie SAP

Zapisując się do newslettera, wyrażasz zgodę na przesyłanie Ci informacji o nowościach, produktach i usługach Lukardi S.A.
Zgodę możesz w każdej chwili wycofać, a szczegóły związane z przetwarzaniem Twoich danych osobowych znajdziesz w polityce prywatności.

SAP System is still not enough

Many companies have SAP security systems - but let's be honest - very few of them know how to use them correctly and use all the possibilities.

It's like you've got a fancy new Jaguar in your garage, and you don't have a license to drive it. You can look and admire, but such a car unused - deteriorates...
It is similar to cyber security in the company. So what if you have invested several funds in a system that you are not fully using? Do you think that just having it and installing it is enough and you are safe?

Just as improper use of the car leads to additional high costs, also gaps in security systems can cause enormous, irreversible losses. Do you think it only happens to others?
Read more

This doesn't concern my company - are You sure?

Unfortunately, it doesn't work that way.

Now that you're reading this, your company could be robbed. Cyber-attacks on information systems are becoming more and more insolent and destructive. Cyber-attacks on information systems are becoming more and more insolent and destructive.

At the same time, the cybercriminal indiscriminately scours all the resources of the company, having unlimited access to the data of customers, investors, finance and counter-parties. It takes money, it destroys the reputation and trust of investors, everything that the company has worked for years.
And when, after more than 3 months, you realize something is wrong, you will need another 60 days to fix the security holes. During this time, the thief will be elusive and your position on the market will be shaken, not to mention the loss of customers, contractors and investors.
Read more

Why is it more expensive to rebuild an infected system than to secure it?

Such a damaged and attacked system can be rebuilt and re-secured, but this takes time and entails additional costs. It is much cheaper, easier and safer to prevent such situations.

Our experience shows that more than 70% of customers come to us after a security incident. Some of them have been badly affected by the attack, and they don't want it to happen again. When auditing, we find a glut in security systems, incredible financial losses, ruined PR and lack of trustworthiness.
Simply having SAP systems is not enough. It is a powerful tool, but it doesn't do much on its own. Awareness, knowledge and additional systems are needed to improve and facilitate real-time cyberattack control.
Read more

One decision that will save you money

As in other areas, also in cybersecurity, it is better to prevent than to cure.

Restoring and securing a broken system will take a lot of money and time. Rebuilding your reputation and trust may never happen.
Loss of credibility is a huge blow for customers and contractors. Even the most loyal ones may turn away. However, is it possible to prevent attacks in 100% in times when the most powerful security measures are constantly being breached and data is leaking even from government and banking systems? Businesses seem to be helpless in the face of increasingly well-trained cybercriminals. But no.
Read more

Pobierz Darmowy E-book o bezpieczeństwie SAP

Zapisując się do newslettera, wyrażasz zgodę na przesyłanie Ci informacji o nowościach, produktach i usługach Lukardi S.A.
Zgodę możesz w każdej chwili wycofać, a szczegóły związane z przetwarzaniem Twoich danych osobowych znajdziesz w polityce prywatności.

Software to protect against cyber-attacks from outside and inside the company

You probably trust your employees, and you can't imagine a cybercriminal being one of them.

Why is this happening? This is often the fault of poor data management, excessive permissions and lack of control over authorizations.

Research conducted by Price Waterhouse Coopers shows that 63% of abuse comes from within the company.

Think that 2/3 of all cyber thefts are committed by employees.

Real-Time Control
Immediate Threat Alert
You Know Who is Attacking
Biometric Security

Full real-time control

The SAST Suite is a real-time tool that monitors the SAP system and allows for comprehensive security management.

A rally car needs a professional driver. For SAP, this driver is the SAST Suite tool.

Think how peacefully you sleep knowing that a "watchman" is on duty around the clock, who conducts constant monitoring, analysis and will alert you whenever any danger appears.

Instant Emergency Alert

Detecting a cyberattack no longer takes 190 days. You are informed immediately after the slightest threat occurs. You have full control over the security of ICT systems in your company.

You immediately know who and from where is attacking your system

An additional aspect is confirmation that the activity was performed by a specific person. We still see such events in which logins and passwords are exchanged between employees (for example in production halls). In this case, we are not able to confirm the actual person performing the activity.

Biometric Data Protection

This is where biometrics comes i.e. hardware support for authentication. In the case of this type of solution, it is not possible to connect to someone else's account. The so-called 2FA (2nd factor authentication) in the SAP world is a novelty, and it should be commonplace. With SecuGen solutions and fingerprint or fingerprint readers, we are able to support this vital part of the authentication process.
Kontrola w czasie rzeczywistym

Pełna kontrola w czasie rzeczywistym

SAST Suite to narzędzie, które w czasie rzeczywistym kontroluje system SAP i pozwala na kompleksowe zarządzanie bezpieczeństwem .

Samochód rajdowy potrzebuje profesjonalnego kierowcy. Dla systemu SAP takim kierowcą jest narzędzie SAST Suite.

Pomyśl, jak spokojnie śpisz wiedząc, że przez całą dobę czuwa „stróż”, który prowadzi ciągły monitoring, analizy i zaalarmuje Cię ilekroć pojawi się jakiekolwiek niebezpieczeństwo.
Natychmiastowy alert zagrożenia

Natychmiastowy alert na wypadek zagrożenia

Wykrycie cyberataku nie trwa już 190 dni. Dostajesz informację natychmiast po wystąpieniu najmniejszego zagrożenia. Masz pełną kontrolę nad bezpieczeństwem systemów teleinformatycznych w swojej firmie.
Wiesz, kto atakuje

Od razu wiesz, kto i skąd atakuje Twój system

Dodatkowym aspektem jest potwierdzenie tego, że daną aktywność wykonała konkretna osoba. Widujemy nadal takie zdarzenia, w których wymieniane są pomiędzy pracownikami (na przykład na halach produkcyjnych) loginy i hasła. W takim wypadku nie jesteśmy w stanie potwierdzić rzeczywistej osoby wykonującą czynność.
Zabezpieczenie biometryczne

Biometryczne zabezpieczenie danych

Tu do gry wchodzi biometria, czyli hardwareowe wsparcie uwierzytelniania. W przypadku tego typu rozwiązań nie ma możliwości podpięcie się pod czyjeś konto. Tzw 2FA (2nd factor authentication) w świecie SAP to nowość, a powinna być codziennością. Za pomocą rozwiązań SecuGen oraz czytników linii papilarnych lub odcisków palców jesteśmy w stanie wesprzeć tę, jakże istotną część procesu autentykacji.

SAST Suite-GRC for SAP

First and foremost, the SAST Suite provides comprehensive risk management – compliance and authorization, and real-time cyber-attack detection.

In addition, it protects against leakage of personal data from the SAP system. Information about employees, customers, contractors-that is, the most valuable resources of the company are safe.
Security of Resources
Authorizations Management
Monitoring of the 
Authorization Conflict 
Data Access Control

Zabezpieczamy to, co najcenniejsze we wszystkich kluczowych obszarach

W Twoje ręce oddajemy najnowocześniejsze i najlepsze rozwiązania, które w pełni dostosujemy do Twoich potrzeb, obszaru  działania i wielkości Twojej firmy.
Bezpieczeństwo zasobów

SAST Suitę zabezpiecza najcenniejsze zasoby firmy

Ponieważ większość cyberataków spowodowana jest błędami w autoryzacjach, SAST Suite wyposażony jest w proces zarządzania autoryzacjami. To jednak nie działa samo – potrzebne są odpowiednie procedury przyznawania dostępów do poszczególnych danych w firmie.
Zarządzanie autoryzacjami

Wyposażony w proces zarządzania autoryzacjami

Dostajesz również wzmocnioną kontrolę SoD (konflikty uprawnień w SAP). To pozwoli wykryć, monitorować i analizować ryzyko w zgodzie z GRC (Governance Risk and Compliance)
Monitoring konfliktu uprawnień

Pełna kontrola nad uprawnieniami

W SAST Suite zaplanowaliśmy opcję zarządzania krytycznymi dostępami w oparciu o użytkownika firefighter, czyli użytkownika, który musi posiadać najwyższe dostępy do poufnych danych. Wszystko po to, żebyś miał pełną kontrolę i pewność bezpieczeństwa.

Kontrola dostępu do danych

Zgodność ze środowiskiem SAP

Co najważniejsze, wszystkie narzędzia SAST są certyfikowane przez SAP. Nie ma więc obawy o konflikt w środowisku SAP czy niezgodność. To systemy, które się uzupełniają.

We'll hack into your system and... secure your digital future

You can plan development and large investments without fear that a sneaky cyber attack will destroy these dreams. Our security experts will take care of everything.
Where do we start work? At the beginning, we perform SAP audit and penetration tests.
In the context of penetration testing, we will hack into your system in a controlled way and see how quickly such an attack will be detected (and if at all).

This happens in two ways:

1

Black Box

Our testers have no idea about the SAP infrastructure in the company, they act like typical cybercriminals.

2

White Box

We get access to SAP in the company
and we use them to get to data that we shouldn't have access to.

So we simulate an external and internal attack.

After many such tests, we can conclude that in 99% of cases we can bush around the entire system with impunity, without any notification of a threat or security breach.

Security audit, in turn, is a systematic and automated process that involves reviewing the most important aspects of SAP from the inside.
With the help of libraries of technical and authorization risks, we will trace all aspects of your SAP in such a way that, in addition to indicating problems, you can solve them with the suggested remedial steps.

Security audit and penetration testing is the first step to answer the question: "Is there a problem and where?"

Pobierz Darmowy E-book o bezpieczeństwie SAP

Zapisując się do newslettera, wyrażasz zgodę na przesyłanie Ci informacji o nowościach, produktach i usługach Lukardi S.A.
Zgodę możesz w każdej chwili wycofać, a szczegóły związane z przetwarzaniem Twoich danych osobowych znajdziesz w polityce prywatności.

We'll come down and check on your authorization mess

The SAP system is a complicated tool. However, like many popular solutions - it is becoming a target of cybercriminals' attacks more and more often.
This is often caused by a bad system configuration. Then the risk associated with reading, interception and leakage of personal data increases.

1

We'll check how secure your system is

Therefore, first, we will perform an in-depth analysis of the current SAP security level. We will take into account all SAP components and examine all configuration elements for data security and compliance.

2

We will analyze SAP for 4600 threats

We will check about 4,000 technical risks and 600 authorization risks - we need to know what we are dealing with and what gaps need to be fixed.

3

We will take look at user permissions

We will check carefully whether all users in your SAP have adequate authorizations. We know from experience that 90% of authorizations and access levels are exaggerated. Workers have greater levels of access than they actually need. We will show you risky trades and check who has access to them. This is the most common reason why money is leaking out of a business.

4

We will prepare recommendations and a recovery plan

We will record the security status, categorize all risks, and prepare a recovery plan and solutions for you. This will allow you to fully protect your company against cybercriminals' attacks.

It is a long and complicated process, but it is worth consciously preventing.

Instead of dismissing thoughts of a cyber-attack and telling yourself "this happens to others, not to me" - think how much you can lose before it's too late.

Millions of losses can be worked off because there is no money that cannot be earned.
But the trust of customers, contractors and investors as well as market position are lost only once - forever.


If you can prevent it, don't wait for it to happen.
Pobierz e-booka o bezpieczństwie SAP

Biometrics in SAP

Are you sure that the activity was performed by a specific person?

Do you know situations in which, for example, in production halls, employees exchange logins and passwords to perform an action in SAP?

The login/password system is several decades old. It's not optimally adapted to today's reality.

This includes the possibility of additional confirmation of individuals using hardware solutions such as a fingerprint reader.

It is not only authorizations that reduce fraud but also to make sure that a particular part of the process was physically performed by a particular person.

We'll digitally secure your company.

My name is Tomek. Together with a team of specialists, I will show you how to use the SAST Suite, in real-time, to secure valuable data in your company from hacker attacks and theft.
Contact Us
Head of Security Development
Tomasz Jurgielewicz
+48 508 400 203
Address Information
ul. Tęczowa 3 , 60-275 Poznań
NIP: 5213683072
REGON: 360098885
Visit our Social Media:
Lukardi 2022. All Rights Reserved. 
Made with