Base system (platform): SAP NetWeaver
Developer: Gazinformservice (GIS)
System premiere date: 2014/01/20
Last release date: 2024/08/14
Technology: Information Security - Authentication, Information Security - Information Leakage Prevention, Server Platforms
SafeERP is a software package designed to protect systems on the SAP NetWeaver platform.
2024
SafeERP 4.9.3 (Q2 2024)
Gazinformservice has released its latest quarterly update, SafeERP 4.9.3 (Q2 2024), of its modular software suite for protecting business applications. The update includes a number of new features and security improvements.
The SafeERP Security Suite (SecSuite) module strengthens platform protection with 34 new standard checks in the Scanner. According to the developers, the interface has become more convenient: a Checks tab has been added and the Check Profiles view has changed, making it easy to create, edit and delete your own checks. Code protection has been expanded: filters have been added for viewing vulnerabilities, the location of a vulnerability (INCLUDE) can be viewed, and an Iteration Comparison tab has been introduced to track how the number of vulnerabilities rises or falls over time (as the project changes).
The SafeERP Code Security Extension Module (CS EM) provides improved protection for 1C and other programming languages, including the ability to create your own roles and extended check descriptions. The module received new checks for 1C, and its checks for Python/1C were adjusted.
The SafeERP Platform Security Extension Module (PS EM) has also been extended with additional exploits, which broadens protection against current threats, including vulnerabilities in Confluence Data Center, Confluence Server, Jenkins CLI and TeamCity.
Release 4.9.3 also changed the interface: SecSuite was moved to the web interface, and SAP FIORI received a number of updates, including a new transaction, confirmation windows and improvements to the "Event Log."
CS EM and PS EM have successfully passed compatibility testing with Jatoba and are being prepared for integration into a single EM interface.
"SafeERP 4.9.3 is the next step in the development of a comprehensive system for protecting business applications, aimed at ensuring maximum security and user experience," said Rimma Kuleshova, SafeERP Product Manager at Gazinformservice.
Compatibility with RED OS 8
The SafeERP CS EM solution has become available to RED OS 8 users. The Gazinformservice product automatically analyzes the security of code written in 1C, Python, SQLScript, JavaScript and other programming languages, detecting and fixing vulnerabilities. RED SOFT announced this on July 31, 2024.
The SafeERP CS EM module will help identify vulnerabilities in the code of the programs in use in a timely manner, and the RED OS 8 operating system will serve as a convenient domestic platform for employees to work safely.
"We at Gazinformservice are doing everything to ensure that in conditions of external instability, the business processes of our customers are under reliable protection. The compatibility of SafeERP CS EM and RED OS 8 is the result of the joint efforts of the specialists of Gazinformservice and RED SOFT, which confirms our commitment to ensuring security and stability for our customers; this is one of the main priorities," said SafeERP Product Manager Rimma Kuleshova.
"Every year, the number of solutions developed by domestic IT companies is increasing, and with the development of import substitution, the pace is only accelerating. The compatibility of our operating system with SafeERP CS EM from Gazinformservice is great news for the domestic technology market. The joint implementation of RED OS 8 and SafeERP CS EM will help both close import substitution tasks and ensure safe work with the organization's infrastructure," said Rustam Rustamov, Deputy General Director of RED SOFT.
2014
SafeERP gained the ability to analyze custom ABAP code
In December 2014, Gazinformservice introduced an update for the SafeERP software package designed to protect systems built on the SAP NetWeaver platform.
In addition to the integrity control and security event logging functions present in previous versions, the SafeERP software package gained the ability to analyze the custom code of SAP systems for vulnerabilities. The analysis mechanism detects vulnerabilities by static analysis, scanning the code against a library of templates.
The checks in this module identify the sources of vulnerabilities such as:
- Critical OS command calls.
- Critical access to DBMS.
- Critical calls to kernel functions.
- No authorization checks.
- Software backdoors.
The search is carried out on the source code inside the SAP system, without uploading the code to an external analysis tool, which improves security and speeds up the tests. It is also possible to embed the code validation process in the transport system at the request validation level.
The module provides a detailed description of each vulnerability found, with examples of its exploitation and a description of the business risks.
The new functionality of the SafeERP software package can save scan results and export them as PDF files for management and XLS files for working with code developers.
Functional features and advantages of SafeERP software:
- Rapid integration. The SafeERP software package holds SAP Add-On certification, which guarantees instant deployment and use of the complex.
- Reduced time and labor cost of auditing code. The built-in knowledge base allows users without ABAP experience to analyze code, reducing the time required to train specialists to audit it.
- A significant number of checks. The software package uses more than 100 scenarios to find vulnerabilities of all known types. The database is constantly updated and replenished with new checks.
- Categorization of vulnerabilities. Allows you to identify the most critical vulnerabilities and determine the order in which to eliminate them. Detailed reporting allows you to interact with developers in their language.
- Quality analysis of the developed code. The SafeERP software package provides mechanisms for assessing the reliability of the enterprise information system preventively, before the developed functionality is moved into production. Using the SafeERP software package allows you to avoid outages and optimize enterprise resources. Its reporting system gives management a visual assessment of the security of the developed business functionality.
Examples of the ABAP Code Analysis Module interface:
- ALL OCCURRENCES OF SY-SYSID. The test checks all occurrences of the SY-SYSID system variable. This variable contains the name of the SAP system where the ABAP code is launched. Any code that depends on SY-SYSID can bypass QA (Quality Assurance).
- Broken AUTHORITY-CHECKS. The test detects use of the authorization check statement without a subsequent check of sy(st)-subrc.
- Exposed Kernel Calls. The ABAP CALL cfunc statement calls kernel functions directly. Functions written in C can significantly improve performance, but their use is not recommended from a security point of view. Calling the kernel function directly from the user directory makes the SAP C kernel vulnerable to potential attacks.
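The three checks listed above can be illustrated with a small template-based scanner. This is an added example, not SafeERP's code or its check library; the ABAP sample, the finding names and the kernel function name ZCONSTRUCTED_CFUNC are constructed for illustration.

```python
import re

# Constructed ABAP sample (not from the page); ZCONSTRUCTED_CFUNC is a made-up name.
SAMPLE_ABAP = """\
REPORT zdemo.
IF sy-sysid = 'DEV'.
  WRITE 'debug path'.
ENDIF.
AUTHORITY-CHECK OBJECT 'S_TCODE' ID 'TCD' FIELD 'SE16'.
* IF sy-subrc <> 0.
CALL TRANSACTION 'SE16'.
AUTHORITY-CHECK OBJECT 'S_DEVELOP' ID 'ACTVT' FIELD '03'.
IF sy-subrc <> 0.
  MESSAGE 'not authorized' TYPE 'E'.
ENDIF.
CALL 'ZCONSTRUCTED_CFUNC' ID 'P1' FIELD lv_value.
"""

# A statement runs to the next period that is outside a '...' literal.
STMT = re.compile(r"(?:'[^']*'|[^.'])+\.")
# Full-line (*) and inline (") comments; a " inside a literal is not handled.
COMMENT = re.compile(r'(?m)^\*.*$|"[^\n]*')

def statements(source):
    """Yield (line_number, upper-cased statement) with comments blanked out."""
    text = COMMENT.sub("", source)
    for m in STMT.finditer(text):
        raw = m.group()
        start = m.start() + len(raw) - len(raw.lstrip())
        yield text.count("\n", 0, start) + 1, " ".join(raw.upper().split())

def scan(source):
    """Return (line, finding) pairs for the three checks described above."""
    stmts = list(statements(source))
    findings = []
    for i, (line, stmt) in enumerate(stmts):
        if re.search(r"\bSY-SYSID\b", stmt):
            findings.append((line, "SY-SYSID"))
        if stmt.startswith("AUTHORITY-CHECK"):
            # The result must be tested in the very next statement.
            nxt = stmts[i + 1][1] if i + 1 < len(stmts) else ""
            if not re.search(r"\bSY(ST)?-SUBRC\b", nxt):
                findings.append((line, "BROKEN-AUTHORITY-CHECK"))
        if re.match(r"CALL\s+'", stmt):  # CALL followed by a literal = kernel call
            findings.append((line, "KERNEL-CALL"))
    return findings

if __name__ == "__main__":
    for line, finding in scan(SAMPLE_ABAP):
        print(f"line {line}: {finding}")
```

The commented-out sy-subrc test on line 6 of the sample does not satisfy the authorization check, so line 5 is still reported.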
SafeERP release
On January 21, 2014, it became known that Gazinformservice had brought to market a complex for protecting corporate SAP systems.
SafeERP monitors the security status of SAP systems in real time, providing access to the security settings and security event logs in the system.
The SAP systems of large companies store confidential information and process business-critical data, which attracts attackers and competitors. SafeERP automates the process of managing security in such systems and shows a complete picture of the security of SAP systems throughout the IT environment.
Components of the complex
The whole complex is based on the SafeERP management server and SafeERP agents that are installed in the company's SAP systems. The Unified Information Security Console displays the security settings of all controlled SAP systems.
The operation of the complex is configured on the management server using the administrator console, where security policies are defined and the parameters for selecting information from agents are set.
The complex is used on SAP NetWeaver 7.0 and later systems. It requires a current version of the graphical interface (SAP GUI).
SafeERP Capabilities
- Allows you to record and monitor the safe state of the program code in the system.
- Provides access to information about SAP system security settings through a unified interface.
- Enables you to quickly view critical security events and process them.
Monitoring of safe functioning is carried out through collection, processing, secure storage and correlation of information security events occurring in SafeERP systems controlled by the complex.
SafeERP, unlike most existing Security Information and Event Management (SIEM) systems, helps control access to restricted-use information processed and controlled by the SAP system when configured accordingly. In addition to this, SafeERP has a software interface for integrating (transmitting events) into other SIEM systems.
Functionality
- Control the integrity of SAP software objects and their own components by calculating checksums.
- Security Policy Management.
- Centrally collect and view information security events by category.
- Control the parameters of SAP instance profiles.
- Centrally collect and display changes to user accounts, roles, and permissions.
- Log management events.
- Reporting information security events.
- Quickly analyze system security and monitor critical developments.