The Evolution of SAP HANA Security: How to Protect the Version you are Running

SAP HANA is a constantly evolving and important technology for any SAP customers. If you have not already included HANA In your landscape you are most likely planning to do so in the near future. It has several offerings including S/4 HANA, HANA Cloud Platform and now several other SAP products heavily rely on its power to process big data at a fast pace. 

To date, HANA has already been adopted by more than 7,200 customers worldwide including governments, aerospace and defense, automotive and healthcare companies to name a few. Conceived and designed to be the underlying database for every future SAP System, it stores all business-critical information that keeps a company running. 

Over the past few years, SAP has included new features in SAP HANA to fulfill their customer’s business needs. However, as a result, these features have increased the platform’s attack surface.

During this presentation, attendees will get an agnostic view of the evolution of SAP HANA security from its beginnings to its latest version, 2.0, which was released in late 2016. Attendees will understand how the platform evolved through architectural changes, and vulnerability patch management and how to secure the systems they are currently running in their landscapes.  This presentation will cover the process of vulnerability discovery and evaluation of fixes including some of the critical bugs uncovered by our research team. 

Finally, we will share our recommendations for how organizations can protect their SAP HANA platform from attackers and will provide guidelines for effectively auditing and assessing SAP HANA systems. 

Speaker:

Juan Pablo Perez-Etchegoyn, CTO, Onapsis