Buch, Englisch, 455 Seiten, Format (B × H): 188 mm x 262 mm, Gewicht: 972 g
Reihe: SAP PRESS: englisch
Buch, Englisch, 455 Seiten, Format (B × H): 188 mm x 262 mm, Gewicht: 972 g
Reihe: SAP PRESS: englisch
ISBN: 978-1-4932-2592-7
Verlag: Rheinwerk Verlag GmbH
Protect your SAP system from bad actors! Start by getting a thorough grounding in the why and what of cybersecurity before diving into the how. Create your security roadmap using tools like SAP’s secure operations map and the NIST Cybersecurity Framework (CSF). Then walk through key cybersecurity processes: vulnerability management, threat detection, incident response, disaster recovery, and more. With step-by-step instructions for implementing infrastructure and network security and using tools like SAP Trust Center, this guide will help you safeguard your system!
Autoren/Hrsg.
Weitere Infos & Material
... Foreword by Mariano Nuñez ... 15
... Who Should Read This Book ... 19
... Acknowledgments ... 19
1 ... What Is Cybersecurity? ... 21
1.1 ... CIA Triad ... 22
1.2 ... Identification, Authentication, Authorization, and Accountability ... 24
1.3 ... Nonrepudiation ... 26
1.4 ... Vulnerabilities, Threats, and Risks to SAP Applications ... 26
1.5 ... OWASP Top 10 ... 31
1.6 ... Ransomware ... 40
1.7 ... Frameworks ... 41
1.8 ... Security Research ... 43
1.9 ... Summary ... 44
2 ... Why Do SAP Landscapes Need Cybersecurity? ... 45
2.1 ... Evolution of Vulnerabilities and Threats to SAP Applications ... 45
2.2 ... Why Traditional SAP Security Can’t Protect against Cybersecurity Threats ... 56
2.3 ... Obstacles to Cybersecurity Implementation ... 61
2.4 ... Traditional SAP Security: What Works and What Doesn’t ... 71
2.5 ... Summary ... 82
4 ... Building a Cybersecurity Program for the SAP Landscape ... 165
4.1 ... National Institute of Standards and Technology Cybersecurity Framework ... 166
4.2 ... Center for Internet Security Critical Security Controls ... 170
4.3 ... Secure Operations Map ... 171
4.4 ... Govern ... 177
4.5 ... Identify ... 183
4.6 ... Protect ... 193
4.7 ... Detect ... 238
4.8 ... Respond ... 243
4.9 ... Recover ... 247
4.10 ... Onapsis Platform ... 250
4.11 ... Summary ... 263
5 ... Vulnerabilities and Patches ... 265
5.1 ... SAP Notes ... 265
5.2 ... Managing Vulnerabilities in the SAP Landscape ... 273
5.3 ... Patch Days ... 288
5.4 ... Summary ... 292
6 ... Threat Detection and Incident Response ... 293
6.1 ... Threat Management for SAP ... 293
6.2 ... Threat Intelligence ... 304
6.3 ... Anomaly Detection ... 309
6.4 ... Incident Response, Logging, and Monitoring in SAP ... 310
6.5 ... Summary ... 327
7 ... Business Continuity and Disaster Recovery ... 329
7.1 ... It’s a Matter of When, Not If ... 330
7.2 ... Are We Ready for Disaster? ... 333
7.3 ... Business Continuity/Disaster Recovery for SAP ... 338
7.4 ... Backup Strategy ... 352
7.5 ... Protect Your Keys ... 353
7.6 ... Disaster Recovery Tests ... 354
7.7 ... Summary ... 356
8 ... Infrastructure Security ... 359
8.1 ... Responsibilities and Models ... 359
8.2 ... Operating System Level Security: Secure by Design ... 362
8.3 ... Roles and Responsibility Matrix ... 369
8.4 ... Inventory ... 370
8.5 ... Privileged Access Management ... 372
8.6 ... Logging and Monitoring on the Infrastructure Level ... 373
8.7 ... Physical Data Centers versus Cloud Data Centers ... 375
8.8 ... Antivirus and Anti-Malware Scanning ... 377
8.9 ... Summary ... 378
9 ... Network Security ... 379
9.1 ... Network Basics Concepts ... 379
9.2 ... Network Security: Core Principles and Practices ... 391
9.3 ... Network Security for SAP ... 395
9.4 ... Summary ... 401
10 ... SAP Trust Center ... 403
10.1 ... Resources in SAP Trust Center ... 403
10.2 ... SAP for Me ... 417
10.3 ... Summary ... 418
11 ... Impact of SAP S/4HANA, RISE with SAP, and the Cloud on Cybersecurity ... 419
11.1 ... SAP S/4HANA Migration and What It Means for Cybersecurity ... 420
11.2 ... What the Cloud Means for SAP Cybersecurity ... 428
11.3 ... Summary ... 445
... The Authors ... 447
... Index ... 449
