Date: December 14, 2023 - 10:30 - 11:30 am (CEST)

Speaker/s:
Karina Ertel; Business Support Specialist, SAP
Yizhou Li, Senior Technology Consultant, SAP

Each month, we select and highlight security topics relevant to SAP customers. In December, we talk about managing data privacy and protection with SAP. Data privacy and compliance regulations are sweeping the world. The rising tide of data compliance has challenged how an organization should collect, store, process, and delete data. In this session, you will learn how SAP Information Lifecycle Management (ILM) can help you fulfill the "right to be forgotten" and how ILM can be implemented in your legacy systems as well as in your S/4HANA migration.

Links:

Registration

no Recording

no PDF

Date: October 19, 2023 - 10:30 - 11:30 am (CEST)

Each month, we select and highlight security issues relevant to SAP customers. In October, we will discuss how to lead discussions on cybersecurity resilience as part of the overall business strategy and bridge the gap between IT and the business.

Join us to uncover the key elements that make cybersecurity discussions impactful with business leaders. This webinar explores the integration of cyber risk with enterprise resilience, cultivating a shared language between IT security experts and chief executives, with the help of an interactive security dashboard. Discover strategies to prioritize investments, enhance risk mitigations, and safeguard assets for a unified and resilient organization.

Links:

Recording Part 1

Recording Part 2

Blog Information

no PDF

Date: October 18, 2023 - 17:00 - 17:30 pm (CEST)

Speaker/s: 
Jay Thoden van Velzen, strategic advisor to Chief Security Officer, SAP

This webinar is part of SAP's Cybersecurity Awareness Campaign in October and will focus on the cybersecurity in cloud. 

As customers increasingly move their workloads into the cloud, the responsibility on SAP to protect customers’ business operations increases. The potential downstream cyber physical impact of security incidents or outages in our cloud landscape is severe. We therefore put organizational structure and processes in place to build, run and act securely. In this session, hear from Jay Thoden van Velzen how this works in practice, ranging from risk management through the NIST Cybersecurity Framework, security policies and governance, and 3rd party audits.

Links:

Link to join and replay

no PDF

Date: October 12, 2023 - 17:00 - 18:00 pm (CEST)

Speaker/s:
Virat Tiwari, Product Manager @SAP

High availability and disaster recovery are crucial aspects of running your mission-critical workloads on SAP Business Technology Platform. In this session you'll not only get an overview on how SAP BTP offers resiliency of the platform but also guidance on how to build resilient applications on SAP BTP by applying various best practices and resilient patterns.

Links:

Link for joining and replay

no Recording

no PDF

Date: October 11, 2023 - 17:00 - 18:00 pm (CEST)

Speaker/s: 
Anjelica Dortch, Hedayatollah Hosseini, Peter Westphal

Join us for "Keeping Customers Safe Around the Globe with NIST," focusing on SAP's 2021 implementation of the NIST Cybersecurity Framework. With EY's support, SAP strengthened its cybersecurity posture, reinforcing its status as a trusted brand.

Links:

Link to join and replay - Registration

no PDF

Date: October 04, 2023 - 17:00 - 17:30 pm (CEST)

Speaker/s: 
Anne Marie Colombo, Cybersecurity Solution Advisor, SAP

This webinar is part of SAP's Cybersecurity Awareness Campaign in October and will focus on the latest cybersecurity trends in the market and trends specific to SAP.  The webinar will cover market trends such as emerging technologies, cloud security, zero trust, and the growth of AI and ML in the fight against cybercrime.  Learn how these trends apply to the SAP landscape, including SAP's popular RISE platform, and take away practical suggestions that can be applied to protect your SAP landscape today.

Links:

Link to join and replay

no PDF

Date: September 21, 2023 - 16:00 - 17:00 pm (CEST)

Welcome to the SAP Security Webcasts!

Every month, we choose and highlight the relevant security aspects for SAP customers. In September we will have a joint session of SAP and Splunk to discuss about securing SAP environments.

For too long, security teams had limited visibility into SAP applications and data and could not use standard security operations tools and procedures to defend them. Splunk® Security for SAP® solutions, an SAP Endorsed App, brings security events and alerts from SAP directly into Splunk to help defenders monitor, detect, investigate and respond to threats affecting SAP environments.

Join this webcast by Splunk and SAP experts to:

- Learn about the challenges to securing SAP environments

- Discover key use cases and benefits of Splunk Security for SAP solutions

- Watch a solution demonstration and dive into technical details

Links:

Recording

Demo

PDF

PDF - Security Patch

Date: August 17, 2023 - 10:30 - 11:30 am (CEST)

Welcome to the SAP Security Webcasts!

Every month, we choose and highlight the relevant security aspects for SAP customers. In August we will talk about security-focused Expert Guided Implementation (EGI) offerings that can boost your use of ALM platforms, such as SAP Solution Manger, SAP Focused Run, and SAP Cloud ALM.’

With the launch of a brand new Expert Guided Implementation (EGI) training offering this summer entitled “Implementing an SAP Security Baseline Dashboard”, this webcast edition will summaries the latest security-related offerings that are available from the SAP Learning Hub hosted by the SAP Enterprise Support Academy.

Since the EGIs have been brought up to date, you will get an overview of what the courses contain, who they are relevant to, and how to register for them.

Links:

Recording

PDF

PDF - Security Patch

Date: July 20, 2023 - 10:30 - 11:30 am (CEST)

Join us for an interactive webcast where SAP and Turnkey experts delve into the cutting-edge features and unparalleled advantages of SAP Enterprise Threat Detection (ETD), cloud edition, offered as a comprehensive managed service. In this, you'll have the opportunity to:

• Gain deep insights into the solution's benefits and services.
• Witness a live demonstration of the solution in action.
• Learn from real-world customer experiences and receive guidance on getting started with SAP Enterprise Threat Detection, cloud edition, as a managed service

We will be happy to interact with you in this session.

Links:

Recording

PDF

PDF - Security Patch

Date: June 15, 2023 - 10:30 - 11:30 am (CEST)

Welcome to the SAP Security Webcasts!

Every month, we choose and highlight the relevant product security aspects for SAP customers. In June we share how the security approach for SAP HANA Cloud and it's security capabilities help controlling critical business data. Additionally, you get a glimpse on the latest shipped developments in SAP HANA and SAP HANA Cloud.

Links:

Recording

PDF

Date: May 11, 2023 - 10:30 - 11:30 am (CEST)

Welcome to the SAP Security Webcasts!

Every month, we choose and highlight the relevant product security aspects for SAP customers. In May we are piloting a new format: panel discussion on the topic of Navigation the Cloud.

In this panel discussion, we will explore the unique security challenges associated with cloud platforms and discuss best practices for mitigating risk. Our experts will share their experiences in managing cloud security solutions, covering topics such as identity and access management, data encryption, and threat detection. Join us to learn how to navigate the complexities of cloud security and keep your data safe in the cloud. The audience will also have the opportunity to ask questions and engage in discussion about the evolving landscape of cloud security.

Links:

Recording

PDF

PDF Security Patch

Date: April 20, 2023 - 15:00 - 16:00 pm (CEST)

Welcome to the SAP Security Webcasts!

Every month, we choose and highlight the relevant security aspects for SAP customers. In April we will talk about ‘The SAP Enterprise Support Security Value Map’s interpretation and use of SAP's Secure Operations Map.’

SAP created the Secure Operations Map as a Reference Model to structure the broad area of security for content, discussions and as the basis for a 360° view on security.  The focus is on the Operational Aspects, or the tasks and considerations which a customer or service provider should consider to maintain and operate their systems and landscapes in a secure manner.

Value Maps guide you through the different sources of information, tools, and services available from SAP Enterprise Support to help you to efficiently build and run your SAP systems. The Security Value Map utilizes this SAP Secure Operations Map as a visual guide to help make it easier to see all the key offerings that are available for a topic and understand how things are connected. Access the SAP Enterprise Support Value Maps Learning Room platform here.*    

*Before you can access the link above, a one-time registration in SAP Learning Hub, edition for SAP Enterprise Support, is required. A detailed step-by step guide to registration can be found here.

Links:

Recording

PDF

Security Patches

Date: March 16, 2023 - 10:30 - 11:30 am (CET)

Welcome to the SAP Security Webcasts!

Every month, we choose and highlight the relevant aspects of SAP product security for SAP customers. In March we will talk about the SAP Cloud Identity Services.

Do you want to know what the SAP Cloud Identity Services are, how to integrate them in your project but not sure where to start ? Skip the cumbersome learning line and join our fast-track in this webcast.

Links:

Recording

PDF

PDF Security Patch March

Date: February 16, 2023 - 10:30 - 11:30 am (CET)

Welcome to the SAP Security Webcast Series!

Every month, we choose and highlight the relevant security aspects for SAP customers. In February we will talk about SAP's Security Optimization Services Portfolio.

Security of SAP solutions is key for the reliability and compliance of capabilities and processes built on them. Customers need to contribute their part to it to achieve a solution landscape with an overall appropriate level of security, be it on-premise, in the cloud or in a hybrid landscape. In this webcast we give an overview on information and security services available from the Global Security Hub in the Customer Success Area of SAP to enable and support SAP’s customers on this task. You can check the SAP Security Optimization Services Portfolio here.

Links:

Recording

PDF

Date: January 19, 2023 - 10:30 - 11:30 am (CET)

Every month, we choose and highlight the relevant security aspects for SAP customers. In January we will talk about defending SAP Business Applications from Cyber Threats

In a perfect world all of this would not happen, but today CISOs are sometimes surprised when their business applications are compromised, and the company loses data or business is affected by data manipulation or manipulation of business processes.

But how can companies protect themselves if they do not have the necessary experts and resources to operate a 24x7 security center that also covers the security requirements of a complex SAP system landscape? 

In this session, we will guide you thru a brief overview of SAP Enterprise Threat Detection, cloud edition capabilities and its included managed cyber security service provided by SAP. This session will also cover how to:

• satisfy security, data protection and audit needs providing a higher visibility into SAP business applications
• obtain a competitive advantage through greater cyber resilience combined with an increased system confidentiality, integrity and availability
• lower the cost of managing, user behavior analytics and protecting data across multiple landscapes
• prevent of internal and external fraud
• overall balance business and security goals

Links:

Recording

PDF

PDF Security Patch January

Date: December 15, 2022 - 10:30 - 11:30 am (CET)

Welcome to the SAP Security Webcast Series!

Every month, we choose and highlight the relevant security aspects for SAP customers. In December we will talk how development speed and development security correlate to each other.

In the session we will analyze different applications that SAP has developed during the early phase of the Corona pandemic. We will also provide a short overview of the application architecture and have a look into lessons learned. Especially we would like to highlight measures that can adopt in all many projects to improve speed alongside security during the development.

Links:

Recording

PDF

Date: November 17, 2022 - 10:30 - 11:30 am (CET)

Welcome to the SAP Security Webcast Series!

New to SAP Business Technology Platform? This presentation will introduce you to the security fundamentals inside SAP BTP. After this session you will have a basic understanding of SAP BTP’s Cloud Identity services, Secure Development services, Connectivity services, encryption and Business Services.

Links:

Recording

PDF Webcast

PDF Security Patches

Date: October 27, 2022 - 15:00 - 16:00 pm (CEST)

Welcome to the SAP Security Webcast Series!

Protecting SAP Landscapes from Cyber Attacks can be challenging for SAP Admin or Network Admins. Fortinet presents typical scenarios why SAP landscapes should be protected and how Fortinet technology helps to provide state-of-the-art protection of hybrid SAP landscapes. Furthermore, Fortinet and SAP outline what SAP Basis Teams must know about SAP protection as well as how to identify and automatically respond on SAP incidents using SAP Enterprise Threat Detection in combination with FortiSOAR.

Links:

Link to stream and replay

no Recording

no PDF

Date: October 20, 2022 - 14:00 - 15:00 pm (CEST)

Welcome to the SAP Security Webcast Series!

Every month, we highlight the most relevant security aspects for SAP customers. In October we will talk about how to detect and prevent attacks on SAP S/4HANA.

As hacking and attacks on business applications, such as SAP S/4HANA, are becoming more common, cybersecurity professionals are actively trying to detect and prevent the attacks. This webcast will cover how to detect potential attacks and possibly prevent them. The presentation will also explain how to analyse the attacker’s track and perform a forensic analysis of the attack that has already happened. Lastly, the presentation will conclude with the best practices to help you get early detection of potential attacks and possible ways to prevent the attacks on SAP S/4HANA.

Links:

Recording

PDF Webcast

PDF Security Patches

Date: September 29, 2022 - 15:00 - 16:00 pm (CEST)

Welcome to the SAP Security Webcast Series!

Come and learn about the exciting new Log Extension Add-On for SAP Enterprise Detection from the data security experts at EPI-USE Labs. We walk through real world examples of how to detect insecure SAP GUI usage, how to detect when non-business users run critical business transactions, how to monitor access to intellectual property and much more.

This session is especially targeted to data security experts of SAP Ecosystem.

Links:

Link to join and replay

no PDF

Date: September 15, 2022, 10:30 - 11:30 am (CEST)

Welcome to the SAP Security Webcast Series!

Every month, we highlight most relevant security aspects for SAP customers. In September we will talk about new ways of setting up authorizations.                                    .

The traditional role based authorization paradigm is at a breaking point. More sophisticated requirements around privacy and protection of a company’s “crown jewel” information require new approaches.

Join this session to learn how to enhance existing authorization setups with attribute based authorization decisions, and see an example of data classification supported by levels based access to understand the value this offers in areas from personal information to business critical data.

Links:

Recording

PDF

Date: August 18, 2022, 10:30 - 11:30 am (CEST)

Welcome to the SAP Security Webcast Series!

Every month, we highlight most relevant security aspects for SAP customers. In August we will talk about security and compliance in context of RISE with SAP offering.

SAP has always been about developing high-quality and highly secure software. With the rise of the cloud, and the launch of RISE with SAP in 2021 we are now also responsible for operating that same software. A responsibility we don’t take lightly. The SAP S/4HANA Cloud, Private Edition is at the core of “RISE with SAP” offering which holds customer’s mission critical data and business processes. SAP customers are adopting RISE with SAP at an accelerated pace. SAP Enterprise Cloud Services (ECS) provides a managed private environment with multi-layer defence in depth architecture handling infrastructure and technical managed services. The division of cloud security responsibilities between SAP as Cloud Service Provider (CSP) and Customer as a consumer of SAP cloud service always surface during discussion with customers on security and compliance related to SAP cloud services. In this session, we will discuss nuances of tenancy model, shared security responsibility model, network segregation, security and compliance related to RISE with SAP – SAP S/4HANA Cloud, Private Edition.

Links:

Recording

PDF

Date: July 21, 2022, 10:30 - 11:30 am (CEST)

Bug Bounty programs allow third parties to receive financial recognition when they discover and responsibly disclose vulnerabilities in an application. SAP has been offering bug bounty programs since 2018, and the number of vulnerability disclosures from this program by these programs reached second place of all external reports in 2020 - even though only a few SAP applications had offered a bug bounty program at the time. The bug bounty program for SAP S/4HANA has been implemented in 2019 and was only recently extended to cover both SAP S/4HANA on premise and SAP S/4HANA cloud. In this session, the SAP S/4HANA security team will explain how this service increases the S/4HANA security for both, customers and internal stakeholders.

Links:

Recording

PDF

Date: June 15, 2022, 10:30 - 11:30 am (CEST)

Every month, we highlight most relevant security aspects for SAP customers. This month we will talk about Bug Bounty for SAP Applications. Bug Bounty programs are initiatives that reward security researchers for discovering and reporting vulnerabilities. In this session you will see how SAP runs Bug Bounty programs, and how it enables SAP applications to be more resilient against security threats.

Links:

Recording

PDF

Date: May 19, 2022, 10:30 - 11:30 am (CEST)

Welcome to the SAP Security Webcast Series! You just need to register once and can participate in any of the sessions, that we offer throughout the year.

Every month, we highlight most relevant security aspects for SAP customers. This month we will talk about how to minimize the attack surface of Hybrid SAP S/4HANA landscapes with Focused RUN.

Companies are under increasing pressure to optimize business-critical SAP applications, comply with legal requirements and protect themselves against ever-evolving threats from cyberattacks. Using a typical customer journey as example, this session demonstrates how customers use SAP Focused Run for driving their efforts in security hardening, patch management and critical user authorizations to a success.

This session helps SAP decision makers and IT operations managers to understand:

• Why old-fashioned configuration monitoring remains the mandatory foundation of any security effort.

• How the concepts and most relevant features of SAP Focused Run support a cost-sensitive journey to secured Hybrid landscapes.

• How management dashboards (with visualizations of aggregated data), automation of IT processes and comprehensive read-only access to technical details go hand in hand.

Links:

Recording

PDF

Date: April 21, 2022, 10:30 - 11:30 am (CEST)

Welcome to the SAP Security Webcast Series!

Every month, we highlight most relevant security aspects for SAP customers. This month we provide an overview of the SAP Security Products and Services and share the most recent updates.

Cyber-attacks can have severe consequences when it comes to SAP S/4HANA applications. These attacks increasingly focus on the company’s application layer and use privileged user accounts. Unfortunately, many security departments see the SAP application layer as a “black box,” and they view the security of SAP applications as the responsibility of their Basis or SAP application colleagues, leaving these applications at risk. Securing an SAP S/4HANA business application environment involves more than roles and authorizations. The loss of sensitive data can lead to severe penalties, damages reputation, and endanger the overall business operations within minutes. This session will help to understand the challenges and required steps to secure SAP landscapes:

- The session first looks at how security frameworks can help lay the foundation for a strong security strategy;

- It then walks through SAP’s portfolio of security and compliance solutions through the lens of the Cybersecurity Framework provided by the National Institute of Standards and Technology (NIST) — a framework that is widely used for establishing standard security guidelines and best practices within organizations.

- Lastly, it explains how to control the activities with a security infrastructure to meet compliance and business requirements and to provide insight that helps to make better decisions.

Links:

Recording

PDF

Date: March 17, 2022, 10:30 - 11:30 am (CET)

Welcome to the SAP Security Webcast Series!
Every month, we highlight most relevant security aspects for SAP customers. This month we talk about how SAP solutions for UI data protection are evolving.
Join us to get to know a new tool set for countering the threat to your business critical data assets, and how they help you decrease the growing risk from data access challenges and regulations – which you might already be facing around social engineering attacks, segregation of duties, technical or business exploits, auditability of data access, etc.
In this session, you will get an introduction to common use cases and applicability and experience core features in a live demo, such as data masking and blocking with attribute based authorizations; as well as access transparency for analysis for auditing purposes. Ample bandwidth for putting your questions during and after the event ensures you’re equipped to map the options with your specific data access challenges.

Links:

Recording

PDF

Date: February 17, 2022, 10:30 - 11:30 am (CET)

Every month, we highlight most relevant security aspects for SAP customers. This month we talk about security that seems like an impenetrable jungle. Everything is important and highly complex. System landscapes, especially in hybrid scenarios, are constantly evolving and changing.So, where should you start, and how can you address this topic?

We will show you how to discover your most pressing security issues, how to evaluate and rate them. We will share tips on making informed decisions so you can understand the challenge and find a starting point for venturing into the security jungle.

Links:

Recording
PDF

Date: New Date will be re-announced

Orador:
Blas Zubillaga, Especialista de soluciones SAP GRC y seguridad @SAP

El impacto de un ciberataque puede tener consecuencias muy graves especialmente cuando los sistemas aplicativos son comprometidos. No solamente se pondrá en peligro lo valioso de las organizaciones sino que podría haber sanciones financieras y pérdidas indirectas por un impacto negativo a la reputación de la organización.     

En un entrono con una creciente oleada de ciberataques es importante que los equipos de seguridad junto con los equipos de aplicaciones como lo es SAP S/4HANA colaboren para crear una estrategia de ciberseguridad más robusta que no solo este basada en roles y autorizaciones sino en herramientas más avanzadas. 

En esta sesión hablaremos de cómo SAP ayuda a los responsables de las organizaciones (CIO, CFO y CISO) y a los equipos de seguridad proteger su entorno SAP y a enfrentar con éxito estos desafíos.

-        En primer lugar, analizaremos cómo los marcos de seguridad pueden ayudar a sentar las bases de una estrategia de seguridad sólida.

-        Posteriormente revisaremos el portafolio de soluciones de seguridad y cumplimiento de SAP utilizando como referencia el marco de ciberseguridad del Instituto Nacional de Estándares y Tecnología (NIST), un estándar que establece las pautas de seguridad y mejores prácticas dentro de las organizaciones, y así proporcionar a los clientes de SAP un conjunto de herramientas para crear una estrategia de seguridad integral que satisfaga sus necesidades específicas y generales.

Por último, explicaremos cómo controlar las actividades con una infraestructura de seguridad para cumplir con los requerimientos del negocio y de cumplimiento, y proporcionar información para la toma de decisiones de los directivos de la empresa.

Links:
Registro: Click here for register
(New Date will be re-announced)
Recording
PDF

Date: January 20, 2022, 10:30 - 11:30 am (CET)

SAP Identity Management helps organizations embed identity management into their business processes, establishing a central user access management across the entire enterprise. Learn about recent enhancements, and find out how you can extend your on-premise user management to the cloud by integrating with the SAP Cloud Identity services.

Links:

Recording
PDF