Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Cybsec launches a new free software to assess security level in SAP landscapes
From: "CYBSEC Labs" <cybseclabs () cybsec com>
Date: Wed, 10 Feb 2010 08:01:34 -0500

Cybsec-Labs, the research laboratory of Cybsec Security Systems, is proud
to announce the launching of SAFE Free, a free software to assess the
security level in SAP R/3 landscapes.

With SAFE Free you will automatically and easily learn if a SAP
installation is fulfilling the main security requirements demanded by
audits and international regulations (Sarbanes Oxley Act, HIPAA, PCI,
CobIT, etc.).

SAFE Free is focused on facilitating and speeding up security verification
activities performed by those in charge of the SAP landscape maintenance
and security control.

SAFE Free is the result of the experience gained and the research
conducted by Cybsec engineers, and it becomes the natural complement of
SAPyto ( http://www.cybsec.com/EN/research/sapyto.php ), the leading free
software for SAP landscape Penetration Testing.

SAFE Free performs a thorough analysis of configuration, authorization,
communications, and other parameters in the SAP installation and compares
them to international best practices; results are shown in reports
indicating the target value to be achieved.

The SAFE FREE includes 50 plug-ins covering different security aspects
(access, audit, authorization, Basis, communications and users) of a SAP
installation, being some of them as follows:

•       Implemented security policies
•       Dynamic audit status
•       Status of table modifications control
•       Patch implementation on the target system
•       Authorization objects associated to customized transactions
•       Custom programs with associated transaction
•       Execution of programs though the SAP Gateway
•       ICM Status
•       Configured virtual services
•       Systems with which trust relationships are kept
•       Users lacking an associated profile
•       Users with SAP_ALL that were not specified in contextual options

SAFE FREE is available for SAP Netweaver 7.0, 7.1 and 6.4, under Windows
with the Oracle database, MS SQL Server, IBM DB2, SAP liveCache Technology
or Informix.

Download SAFE FREE Version http://www.cybsec.com/EN/research/safe.php

Download full list of plugins
http://www.cybsec.com/EN/research/Plugins_SAFE_Free.pdf

For further information on specific SAP Security services, go to the SAP
Security section. http://www.cybsec.com/EN/services/SAP_security.php


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
  • Cybsec launches a new free software to assess security level in SAP landscapes CYBSEC Labs (Feb 10)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]