Headquartered in Palo Alto, CA, ERPScan makes it a mission to close the gap between technical and business security. The company offers automated solutions that cover all areas of SAP security with a unified platform and allows customers to correlate data from different areas, giving a 360-degree view on SAP security.
ERPScan’s flagship product, ERPScan Security Monitoring Suite for SAP, resolves the issues related to vulnerability management, source code vulnerabilities, backdoors, and access control along with Segregation of Duties (SoD). The solution not only protects the customer’s system from cyber attacks and internal fraud but also decreases TCO by saving on compliance audits and through automation. ERPScan Monitoring Suite for SAP is specifically designed to continuously monitor changes in multiple SAP systems. It generates and analyzes trends on user friendly dashboards, manages risks, tasks and exports results to external systems.Apart from providing an exclusive security product, ERPScan also provides services like SAP Penetration Testing. “Penetration testing is a vision of the system as seen by an attacker,” says Polyakov.
We cover all areas of SAP security with a unified platform and allow customers to correlate data from different areas, giving a 360-degree view on SAP security
Offering security solutions that are right fit for a diverse customer base, the company has delivered solutions to many customers from a wide array of industries. “One of our large installations was recently done for an oil company,” says Polyakov. ERPScan helped in monitoring more than 100 SAP systems, solved vulnerability as well as configuration management issues and continuously scanned for Advanced Business Application Programming (ABAP) code before it went to production. The oil organization also used SAP GRC for SoD and access control management. ERPScan was integrated with SAP GRC and all IT and security risks were identified and managed in SAP GRC as part of Enterprise GRC Process. ERPScan decreased the TCO by 80 percent by automating security administration routines within six months, and reduced the number of critical issues 10 times.
Moving forward, ERPScan is planning to develop a new module. The product will provide advanced threat detection based on information from different SAP log files. “The customers will have real-time information about malicious activities in SAP Systems,” concludes Polyakov.