Attacks on ERP systems have become a very hot topic, especially after the USIS data breach happened because of an SAP vulnerability. Analysts from different firms such as Gartner, 451 Research, IDC, KuppingerCole, and Quocirca agreed on the significant importance of ERP systems security and lack of this functionality in traditional tools.
Splunk is the leading software platform for real-time operational intelligence, enabling organizations to search, monitor, analyze, and visualize machine-generated big data coming from websites, applications, servers, networks, sensors, and mobile devices. ERPScan Security Monitoring Suite for SAP and Oracle gathers security information about vulnerabilities, misconfigurations, source code issues, and SoD violations you need to fight. Essentially, as a part of the integration all vulnerabilities, misconfigurations, source code security issues and SoD violations from SAP and Oracle enterprise systems detected by the ERPScan Security Monitoring Suite can be continuously monitored in Splunk Enterprise for more complete security analysis of the entire infrastructure with respect to Oracle and SAP Security.
The integrated solution combines ERPScan Security Monitoring Suite and Splunk Enterprise to provide vulnerability management and incident detection data. It enables operations security professionals to detect, investigate, and respond to security threats more quickly and effectively.
Vulnerability and configuration information from Distributed ERPScan instances feeds into the Splunk software thus users can create alerts, raise alarms, or take other operational actions when attacks are happening on assets affected by vulnerabilities. This gives security specialists a deeper insight about the current risk state of organizations.
CISOs want to easily manage their systems from 2-3 key platforms such as SIEM, GRC, and ITSM; our goal is to help them solve this task. With the partnership, we continue our global strategy to integrate both with the key players in the security market and promising startups in the industry to build an SAP Security ecosystem.
- says Alexander Polyakov, CTO at ERPScan.
The integration allows extending Splunk Enterprise functionality to monitor SAP NetWeaver ABAP security, SAP NetWeaver JAVA security, SAP HANA Security, SAP BusinessObjects security, SAP Mobile Platform security, SAP Afaria Security, SAP Plant Connectivity Security, Oracle Database Security, Oracle PeopleSoft security, and all applications and industry solutions based on the listed platforms.
What you can gain from the integrated solution:
Get unlimited scalability. Manage Business Application Security from a single place, where you can accumulate, analyze, and report the most comprehensive ERP security information from multiple data centers across the world. Analyze vulnerabilities across services, landscapes, locations, business units etc. or check what assets are more prone to danger in terms of compliance with regulations.
Save time on daily operations. Manage risks at the enterprise level by integrating information from 7000+ configuration checks and 3000+ vulnerability checks from every SAP and Oracle system in one place with context-based correlation and advanced reporting from Splunk.
Perform In-depth investigations. Add invaluable context from ERPScan’s data about specific application vulnerabilities in ERP, SRM, CRM, HR, and Industry solutions from SAP and Oracle to OS and Network security events and data collected by Splunk. Obtain additional security information about each asset, e.g. ports, services, applications, users, vulnerabilities, and risks.