Full Disclosure mailing list archives
Cybsec launches a new free software to assess security level in SAP landscapes
From: "CYBSEC Labs" <cybseclabs () cybsec com>
Date: Wed, 10 Feb 2010 08:01:34 -0500
Cybsec-Labs, the research laboratory of Cybsec Security Systems, is proud to announce the launching of SAFE Free, a free software to assess the security level in SAP R/3 landscapes. With SAFE Free you will automatically and easily learn if a SAP installation is fulfilling the main security requirements demanded by audits and international regulations (Sarbanes Oxley Act, HIPAA, PCI, CobIT, etc.). SAFE Free is focused on facilitating and speeding up security verification activities performed by those in charge of the SAP landscape maintenance and security control. SAFE Free is the result of the experience gained and the research conducted by Cybsec engineers, and it becomes the natural complement of SAPyto ( http://www.cybsec.com/EN/research/sapyto.php ), the leading free software for SAP landscape Penetration Testing. SAFE Free performs a thorough analysis of configuration, authorization, communications, and other parameters in the SAP installation and compares them to international best practices; results are shown in reports indicating the target value to be achieved. The SAFE FREE includes 50 plug-ins covering different security aspects (access, audit, authorization, Basis, communications and users) of a SAP installation, being some of them as follows: Implemented security policies Dynamic audit status Status of table modifications control Patch implementation on the target system Authorization objects associated to customized transactions Custom programs with associated transaction Execution of programs though the SAP Gateway ICM Status Configured virtual services Systems with which trust relationships are kept Users lacking an associated profile Users with SAP_ALL that were not specified in contextual options SAFE FREE is available for SAP Netweaver 7.0, 7.1 and 6.4, under Windows with the Oracle database, MS SQL Server, IBM DB2, SAP liveCache Technology or Informix. Download SAFE FREE Version http://www.cybsec.com/EN/research/safe.php Download full list of plugins http://www.cybsec.com/EN/research/Plugins_SAFE_Free.pdf For further information on specific SAP Security services, go to the SAP Security section. http://www.cybsec.com/EN/services/SAP_security.php _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Cybsec launches a new free software to assess security level in SAP landscapes CYBSEC Labs (Feb 10)