Skip links
Services

RedRays SAP Security Audit

SAP Security Audit

Is an attempt to evaluate the security of an IT infrastructure by safely trying to exploit vulnerabilities.

Is a systematic review of security weaknesses in an information system


SAP ABAP and Java Code review

We analyze the source code SAP systems (ABAP and/or Java) for most common vulnerabilities


SAP Security Trainings

Our security experts who combine in-depth knowledge and experience will be happy to deliver security training and share the best practice used in the most secure SAP landscapes.

Why is SAP penetration testing needed?

SAP Penetration testing is the most efficient way to simulate real-life attack vectors to measure the possibility of gaining access 
to critical SAP data or find weaknesses in implemented security techniques.

SAP Security Audit

SAP Penetration Testing

The first phase is identifying the most critical vulnerabilities by manual and automated scanning. The second phase is exploiting discovered vulnerabilities, trying to get access to the connected systems and business-critical data.
After the completion of the engagement,  a report will be provided containing:

  • Details about vulnerabilities and misconfigurations;
  • Potential attack entry points and attack vectors;
  • Business risks associated with the use of these vulnerabilities;
  • Detailed recommendations for remediation; 
  • Post engagement support, including retest of identified vulnerabilities and support for fixing vulnerabilities if needed

SAP Vulnerability Assessment

Our team offers SAP vulnerability assessment, which can include additional services such as:

  • SAP custom code security review
  • SAP segregation of duties analysis
  • Configuration check,
  • Critical access control checks;

    After the completion of the engagement, a report will be provided containing:

  • Details about vulnerabilities and misconfigurations;
  • Potential attack entry points and attack vectors;
  • Details about users and roles in SoD conflicts (if SoD Security assessment option is selected)
  • SAP Security Audit guidelines for secure system configuration;
  • Detailed recommendations for remediation
  • Post engagement support, including retest of identified vulnerabilities and support for fixing vulnerabilities if needed.

SAP ABAP and Java code Review

We offer static analysis of SAP ABAP and Java code. During source code analyzes can be discovered not only the most common security issues but also logical vulnerability chains, which may lead to a system compromisation.

SAP Security trainigs

We are pleased to announce that our experienced team is conducting in-depth SAP security training. For more information contact us.

Penetration testing

  • Determines the scope of an attack
  • Tests sensitive data collection.
  • Gathers targeted information and/or inspect the system.
  • Cleans up the system and gives final report.
  • It is non-intrusive, documentation and environmental review and analysis.
  • It is ideal for physical environments and network architecture.
  • It is meant for critical real-time systems.

Vulnerability Assessment

  • Makes a directory of assets and resources in a given system.
  • Discovers the potential threats to each resource.
  • Allocates quantifiable value and significance to the available resources.
  • Attempts to mitigate or eliminate the potential vulnerabilities of valuable resources.
  • Comprehensive analysis and through review of the target system and its environment.
  • It is ideal for lab environments.
  • It is meant for non-critical systems.

Contact us to secure your SAP