Why us?
We Are Your Trusted Security Experts!
According to the statistics of the number of vulnerabilities in business applications, there were more than 100 vulnerabilities patched in SAP products in 2009, it grew to more than 500 in 2010. By January, 2013, there had been more than 2500 SAP security notes about vulnerabilities in various SAP components. Today, 2015, the total number of Vulnerabilities on SAP run in excess of 3300. PeopleSoft also following same trend with 0-day exploits being recorded on the increase. Read more
- Achieve organizational improvements and transformation
- Increase business profitability
- Consolidate cross-functional information to increase access to data
- Assist customers identify gaps in their security program
- Advise customers on needed components to reduce attack surface
- Cost optimization
- Developing an appropriate Security strategy
Services
Open Source Software Security
OSS is helping companies develop innovative products faster, cheaper, it is important to add the secure element into the matrix.
let us help you gain the truly secure, cheaper and faster way of using Open Source Software (OSS) develop innovative products at your company
Enterprise Application Security
DeltaGRIC specializes in the protection of Enterprise Applications (SAP and Oracle).
let us provide you with an in-depth analysis of your SAP application vulnerabilities, misconfiguration settings and Z-code program security flaws
Software Advisory
Our Software Advisory arm acts as trusted advisors to businesses of all sizes and type.
Cost optimization
OSS Logistics
OSS logistics provides enterprise with Systemic control over the successful integration of open source into the development and deployment of software…. More →
SAP Penetration Testing
It goes without saying that a user with SAP_ALL can be referred to as SAP GOD. As much as direct access to the database… More →
SAP Forensics For Organisations
Every breach occurs in such a way that the attacker (s) always leaves a signature tracks behind… More →
Oracle Vulnerability Assessment
With the Largest database of Oracle PeopleSoft issues including 0-days exploits, we work with our partners – ERPScan to… More →
In-Depth Training Workshops
We offer onsite and remote trainings though our technical partners. More →
FAQ’s & Blogs
-
I already have SAP GRC, why do I need to do use DeltaGRiC services?
SAP GRC does not highlight the Vulnerabilities in your SAP Landscape, which might have resulted from either: Mis-configuration of the system, Normal vulnerabilities in the system and or exposed services from Portals, RFC’s and or SAP routers. We take Security Seriously, hence, we go beyond the Segregation of Duties and make sure that we support your security in an end to end manner.
-
We have implemented New Generation Firewall and use a solid Endpoint Security Technology?
Ultimately, most Endpoint do not cover security on the Application layer. Sadly, only a few SAP implementation is done in such a way that Security audit logs are enabled. In the cases where, security audit logs are enabled, it is merely done for compliance fulfillment sake. As a matter of fact, many customers and SAP partners do not enable it in the bid to avoid system performance issues which could have been avoided by proper Hardware Sizing. In Security monitoring however, even with Security Audit logs enabled, some cyber security attacks will not be easily detected. Again, policies like BYOD or integration to the cloud only increase your attack surfaces the more.
-
Why would someone attack my SAP/PeopleSoft system?
Your SAP / PeopleSoft system holds all your business critical information – HR data, Vendor masterlist, Business Partner relationships and other interdependencies including business blue prints as the case may be for manufacturers, or credit card and financial information of eh financial services industry. In today’s Cyber world, those data could be easily be sold to the wrong hands in the dark web to the detriment of your customers, your brand and again the violation of compliance like PCI DSS, or POPI act.
-
SAP systems can never be hacked and our system is secure! Besides, we have an internal network?
In 2014 alone, over 391 Security alerts affecting SAP was issued by SAP Security Advisories and over 46% was classified as critically high some of these vulnerabilities are: Shellshock, poodle, heartbleed and malware specifically designed to target SAP – Zombie Zero. Some of these 0day exploits have been used by Anonymous, government sponsored attacks and other Hacktivists to attack leading governments and organizations like the Greek ministry of finance, United States Investigations Services, NVIDIA The truth is that there is no such thing as internal network anymore, there are several tools in the public domain that show you exposed servers from organizations running SAP even without being a trained or skilled hacker.