SAP® Security
as a managed Service
Your starting point for better SAP cyber resilience
A basic level of security for your mission-critical SAP systems
For organizations with higher security requirements
Full Managed SAP Security as a Service
SAP SIEM (Security Information Event Management)
Registered in Switzerland
All data is protected by the Swiss "Bundesgesetz über den Datenschutz" (DSG) and the "Verordnung zum Bundesgesetz über den Datenschutz" (VDSG), which provides some of the strongest privacy protection in the world for businesses. Since Security Hub is located outside the USA and the EU, only a court order from the Cantonal Court or the Swiss Federal Supreme Court can force us to release the data.
SAP Security Operations Center
Perodic SAP Security Checks, vulnerability assessments and compliance audits
SAP Security Dashboard & Risk Management
Benchmark your performance with your peers
Onboarding fee
SAP Security Basic Controls
Basic SAP Security Controls based on SAP recommendations like the SAP Secure Operations Map, Whitepapers and SAP Security Guidelines.
SAP Security Dashboard
Benchmark your performance with your peers and get exposure visibility in the SAP Security Dashboard with an SAP Security Score
Access to SAP Security Knowledge Database
Remediation, mitigation, guided procedures
Included hourly contingents
Included hourly contingents for extended consulting & advanced advisory services.
- Advanced SAP Security Architect Services for Threat Protection
- Architectural security reviews: Our SAP Security Architects support your internal staff with the review of your Change Requirements.
- Due diligence of 3rd party code, tools, and addons
- Ethical hacking and threat modeling services
Get the guidance you need to take the best path toward digital transformation, cloud adoption, and sustainable innovation.
Integration with your ticketing & alerting tools (e.g. Jira)
Automate notifications and ticketing workflows with leading third-party software to quickly respond to threats.
On site Support, extended SAP Security Engagements
Premium Engagements
Support your implementation with packaged services and support to co-innovate with SAP and create ground-breaking business models.
Monthly SAP Security Patch Day action list for your SAP operations team
Data privacy standards
Specific SAP controls mapped to:
- GDPR
- BS 10012
- ISO27018:2014
Compliance dashboard and reports
Easily demonstrate compliance with pre-built compliance reports for ISO 27001, PCI, HIPAA, BSI and NIST.
Support
Direct access to our global network of recognized SAP Security Experts.
Managed SAP security incident response
Detection, classification and active response with your internal Security Staff
Periodic SAP security threat & vulnerability checks
- SAP Security Scanning and Vulnerability Management
- Managed SAP Security Assessment
- Continuous SAP Security Management (SAP DevSecOps)
Periodic compliance audits
Periodic compliance assessments of regional, industry-specific, data privacy and global standards
Industry specific controls
Specific SAP controls mapped to:
- CDSA
- MPAA
- FACT UK
- Shared Assessments
- FISC Japan
- HITRUST
- MARS-E
- IG Toolkit UK
- FERPA
- GLBA
- FFIEC
Continuous risk updates
SAP Security Risk Management including Risk Over Time (ROT) Graph, Templated Risk Reporting, Configurable Dashboards, Real-time Risk Monitoring, Centralized Risk Register, Risk Matrix, Risk Categorization, Risk Heatmap, Target Risk Benchmarking, Risk Treatment Workflow
Consulting & advanced support hourly rates
Benefit from reduced hourly rates for additional, advanced SAP Security Services that are not covered by the included contingents.
Log and configuration data retention time
Securely store your raw log data for compliance and forensics in cold storage for up to 36 months (extensions available).
SAP system hardening validation
AP Systems are not secure by default. Your subscription includes periodic scans of your sap system profile parameters against our established SAP Security Controls Framework.
Risk reporting and mitigation planning frequency
Periodic strategic meetings
Response time SLAs for support
Enhanced support case response times
Web-based support, target response time: 3 business days
Urgent: 16 hours
High: 48 hours
Normal: 72 hours
Urgent: 8 hours
High: 24 hours
Normal: 72 hours
Urgent: 4 hours
High: 12 hours
Normal: 48 hours
Log and configuration data storage space
Health and pharmaceutical sector
Specific SAP controls mapped to:
- GxP
- HIPAA
SAP Security & Compliance Platform availability
Data sovereignty guaranteed by Swiss hosting. From Switzerland, legally registered in Switzerland.All data is protected by the Swiss "Bundesgesetz über den Datenschutz" (DSG) and the "Verordnung zum Bundesgesetz über den Datenschutz" (VDSG), which provides one of the strongest privacy protections in the world. Since Swiss Security Hub AG is located outside the USA and the EU, only a court order from the Cantonal Court or the Swiss Federal Supreme Court can force us to release any data.
Public sector
Regional and public administration standards covered, specific SAP controls mapped to:
🇺🇸 FedRAMP, NIST
🇩🇪 BSI (IT-Grundschutz), C5
🇨🇭 NCSC (IKT-Grundschutz)
coming soon:
🇬🇧 Cyber Essentials Plus
🇪🇸 ENS, DPA
🇦🇺 IRAP
🇳🇿 GCIO
🇨🇦 PIPEDA
🇦🇷 PDPA
🇯🇵 My Number Act
🇮🇳 MeitY
Dedicated SAP Security Officer
Your dedicated SAP Security Officer acts as your personal Cyber Hero and responds quickly to any security issues. They can also be part of your internal team and participate in your sprint ceremonies.
Implementation of custom controls
Custom Control Library
- Policy Templates
- Policy Builder
- Policy Versioning
- Policy Status
- Tracking Policy
- Assignment (Business Divisions)
- Policy Development Workflow
- Policy Distribution
- Master Policy Records
- Multi-Lingual Policies
Not sure if the Security Hub solution is right for you?
Have a no-obligation chat with one of our Security Officers to assess whether we would be a good fit.