Core Business Application Security Workshop
Organize Your Three Lines of Defense
To create a common understanding and build bridges between the three lines of defense, the core business application security workshop is a structured approach to lower the knowledge asymmetry between the different stakeholders for SAP ERP security.
Throughout the one-day workshop, representatives of the three-lines of defense can describe their activities about securing the organization's SAP core business applications against cybersecurity threats. As a result, potential gaps and overlaps can be identified according to the core business application security framework of the OWASP projects "core business application security" (CBAS) and the "security assurance maturity model" (SAMM).
How you will benefit from conducting the Core Business Application Security Workshop:
- Identify communication gaps between the three lines of defense
- High-level responsibility gaps are identified between the three lines of defense
- Threats and weaknesses are identified against the system model (identifying threats using a data flow diagram)
- Table-top exercise to find additional threats and vulnerabilities with the current setup and across the three lines of defense
- Finding quick wins that may help the organization secure identified gap areas
Similar security services around your PEOPLE:
Each organization we work with has different needs. We offer a suite of services to help you better understand and protect your SAP landscape – such as the Core Business Application Security Workshop helps and benefits your PEOPLE security. The following offerings are similar services that safeguard your SAP environment through your people:
