RISE JOURNEY · 03

Live on SAP RISE

You are live. Your SAP RISE environment is running the business. Now is the right time to validate your security posture, close the gaps that opened during go-live, and build the assurance your organisation needs to operate with confidence.

sapcyberx works with organisations already live on SAP RISE — on demand, on a fixed annual cycle, or as a standing advisory. Independent. Fast. Aligned to your cyber framework.


What organisations want to achieve

Validate the security baseline
Confirm your SAP RISE environment is configured to the standard it was designed for. Drift from the go-live baseline is common and cumulative.

Close shared-responsibility gaps
Identify controls that fell between SAP ECS and your team during go-live. Apply the Three-Bucket Method™ to clarify ownership and remediation path.

Strengthen audit and board reporting
Produce an independent, audit-ready evidence pack mapped to ISM, Essential Eight, NIST and ISO 27001. Evidence your auditor and board will accept.

Extend coverage to new surfaces
New BTP workloads, Joule AI, integrations and third-party connections added post go-live each introduce new attack surface. Assess before they become risk.

Verify identity and access controls
Role drift, emergency access accumulation and identity federation gaps are the most common live-environment findings. Validate your IAM posture independently.

Run an independent penetration test
Test your live environment adversarially. 7-day standard RISE scope. Extended to 14 days for infrastructure, integrations and AI surface. Report and retest included.

WHAT WE DELIVER

On demand. Annual cycle. Always independent.

Every live RISE environment is different. We work on demand for organisations who need a specific assessment or test, and on an annual fixed cycle for organisations who want continuous assurance baked into their security programme.

CYBER ASSESSMENT

14-Day SAP Cyber Assessment

A structured 14-day assessment of your live SAP RISE environment. Pre-built test packages and accelerators mean we scope fast, test deep, and deliver an audit-ready evidence pack — without disruption to your live operations.

What we assess
  • Mandatory parameters vs SAP Note 3250501
  • Identity and access — IAS, IPS, IAG, MFA
  • Authorisation and SoD posture
  • Network — RFC, Gateway, ICM, Web Dispatcher
  • Infrastructure — WAF, FW, DNS, TLS certs
  • Custom code and ABAP review
  • Fiori catalogues and OData exposure
  • BTP, integration and AI workloads
What you receive
  • Audit-ready evidence pack
  • Three-Bucket Method™ findings
  • Executive summary
  • Framework mapping (ISM · E8 · NIST · CIS)
  • Remediation roadmap
  • Retest of critical findings
Timeframe
  • 14 days end-to-end
  • Fixed scope after scoping call
  • No disruption to live operations
  • Available on demand or annual cycle
PENETRATION TESTING

SAP Penetration Test — 7 Days Standard Scope

An adversarial test of your live SAP RISE environment. Standard scope delivered in 7 days — extended to 14 days for infrastructure, integrations and AI surface. SAP NDA managed. KBA 3080379 compliant. Risk-ranked report and remediation roadmap delivered. Full retest included.

Standard scope (7 days)
  • RFC Gateway exploitation
  • ICM and Web Dispatcher
  • Fiori and OData exposure
  • Identity federation attacks
  • SAML, OIDC, MFA bypass
  • ABAP static and dynamic analysis
  • HANA privilege escalation
Extended scope (+7 days)
  • WAF and firewall validation
  • DNS and TLS/HTTPS review
  • Cloud Connector end-to-end
  • BTP security configuration
  • SuccessFactors, Ariba, IBP
  • Joule and AI agent testing
  • BTP-hosted AI workloads
What you receive
  • CVSS-scored findings
  • Risk-ranked remediation roadmap
  • Three-Bucket Method™ output
  • Executive summary
  • SAP KBA 3080379 compliant
  • Full retest included
MOST POPULAR FOR LIVE ENVIRONMENTS
ANNUAL PROGRAMME

Annual SAP Cyber Assurance Programme

For organisations who want continuous SAP security assurance built into their annual programme. One cyber assessment, one penetration test, and two quarterly checkpoint reviews per year. Fixed scope. Independent. Audit-ready output every cycle.

  • Annual 14-day SAP Cyber Assessment
  • Annual SAP Penetration Test (7-day standard, 14-day extended)
  • Two quarterly SAP security checkpoint reviews
  • Continuous Three-Bucket Method™ tracking
  • Year-on-year maturity progress reporting
  • Priority access for on-demand advisory
  • Framework alignment updates
  • Board-ready annual security summary

Organisations on the annual programme typically move from 40% to 75%+ Essential Eight maturity within 12 months — leveraging SAP RISE capabilities at no additional licence cost.

Most engagements start within two weeks of first call. Fixed scope after scoping call.
