More Related Content
Similar to 20111012 Sap Datasheet Site
Similar to 20111012 Sap Datasheet Site (20)
20111012 Sap Datasheet Site
- 1. WhiteOPS ™ for SAP Identity Intelligence. Plus.
SAP application, in accordance with its business role, holds good deal of sensitive
information and will usually be in the center of internal and external audit processes.
WhiteOPS™ offers the industry's most holistic solution for protecting your SAP.
Introduction WhiteOPS™ Enables You To
Whitebox Security is an Identity Intelligence solution
provider. WhiteOPS™, the core solution, incorporates all
the required key capabilities in this field. It addresses the
following key identity intelligence questions:
Who did what?
When and where did access occur?
Who has access to what?
Who should have access to what?
Who reviewed and approved what?
With WhiteOPS™ You Can
In addition, WhiteOPS™ addresses the following two
questions, providing a full identity intelligence solution: Monitor privileged and unprivileged users.
Monitor field level view and change activities.
Who / What does not comply with policy?
Who / What risks my business and how? Analyze effective permissions for every user and role.
Detect usage patterns and unused users and roles.
Why Should You Care?
Control access to resources and respond to violations.
You don't know in real-time what users are actually
Detect and easily manage and solve SoD conflicts.
doing.
Proactively avoid SoD conflicts using What-If analysis.
You don't know whether sensitive transactions are
Manage access certification and attestation processes.
being executed by unauthorized personnel.
Manage ITGC controls with best practices.
You want to achieve sustainable and on-going
compliance. Get all the above for various business applications
(ERP, File Servers, SharePoint, Exchange, Home Grown)
You suspect many users have excess privileges in your
from one security console.
SAP application, some violating SoD policy.
You think you have unused resources. (Users, Roles,
Licenses, etc.)
Whitebox Security 2011 ©, All Rights Reserved
http://www.whiteboxsecurity.com Page 1
- 2. WhiteOPS™ Product Overview
Main Capabilities
Identity and Activity Monitoring
Answering two key Identity Intelligence questions: WhiteOPS™ cross examines the defined roles with the
Who did what? actual roles being used. This allows WhiteOPS™ to
When and where did access occur? determine which roles a user should possess and as a
These two capabilities are the cornerstone of our suite. result which he shouldn't possess. You may use this
WhiteOPS™ monitors each type of application using capability to delete unused users and roles and by that
purpose built software. Our SAP solution is 'SAP certified' reduce licenses and operational costs.
by SAP and is real-time and non- Policy Compliance
intrusive by nature. It also Answering two key identity
enables monitoring view and intelligence questions:
change actions of specific fields Who / What does not
inside a transaction, a comply with policy?
WhiteOPS™ unique. This capability is built of three
Furthermore, WhiteOPS™ sub-capabilities:
supplies the security context by (i) Real-Time Unified Policy.
enriching each activity with its (ii) Segregation of Duties (SoD).
complimentary security attributes (iii) Business Asset Compliance.
regarding the user, machine and session from the IT Real-Time Unified Policy
security systems (e.g. HR Modules, Microsoft AD, FWs, WhiteOPS™ patent-pending real-time unified policy
etc.). This assures a complete 360° security context for engine is an industry first. It allows defining both negative
each activity that is relevant to the event execution time. (Define violation, all other cases are approved) and
positive (Define approved cases, all other cases are
WhiteOPS™ enables an innovative forensics mechanism
violations) rules and respond to each violation separately.
that enables you to ask questions and get answers. A
question can be based on every monitored and enriched A rule is a pattern defined based on the attributes from
security attribute. the activity itself, as well as data enriched from various
policy providers. Each attribute is related to a specific WH
Using this tailor-made monitoring solution, WhiteOPS™
question. This allows quick and easy building of rules.
time-to-value is fast and turnovers are quickly achieved.
A Violation of a rule will trigger configurable responses to
Role Analytics allow mitigation of a risk or a compensating control.
Answering two key Identity Intelligence questions:
An example rule can be: a user executing a financial
Who has access to what?
transaction should be a member of the Finance
Who should have access to what?
department, use smart-card authentication and have
This capability enables to view and analyze permissions,
specific finance roles in the Identity Management system.
roles and their usage for all of the monitored applications.
Another example would be: send immediate email
Detect duplicate permissions, Collector users (Aggregating notification to the CISO when a user with a 'junior
permissions while switching positions) or any other accountant' job releases an invoice that is over 10K$.
permissions management anomaly in a click of a button.
Whitebox Security 2011 ©, All Rights Reserved
http://www.whiteboxsecurity.com Page 2
- 3. WhiteOPS™ Product Overview
Policy definitions can be WhiteOPS™ offers you no more surprises. Just schedule
done explicitly using our the compliance checks and controls relevant for your
Policy Editor or the organization from our best practices knowledge base or
innovative Policy Wizard easily create your custom checks and controls.
that is based on analysis of WhiteOPS™ will handle the reminders, execution and
actual usage of a resource. needed approvals so you will get a true on-going
Segregation of Duties (SoD) compliance solution.
SoD is a concept for identifying users with the potential Example to an out-of-the-box control is permissions
for completing business processes on their own. These attestation process that is available to all your business
users can (potentially) perform frauds or mistakes which applications from a single point in the same way.
can bring heavy financial results to the organization.
Impact Analysis
WhiteOPS™ contains a complete Segregation of Duties Answering the key identity intelligence question:
(SoD) solution. Starting from easily customizing the out-of- Who / What risks my business and how?
the-box SoD Policy to fit your company requirements, This capability will correlate all the information created by
through managing SoD violations, exceptions and all the other capabilities into prioritized business
compensation controls. Historical data is saved and information. For example, an IT user who reads a mail of a
analyzed to produce trends analysis. colleague is severe but an IT user who issues 500 MRBR
WhiteOPS™ SoD policy fully supports authorization object (Invoice release) transactions in an hour can be
level rules and variables (e.g. Organization ID) to minimize catastrophic.
false positives and provide greater accuracy. WhiteOPS™ will change alerts priorities, notify you on
WhiteOPS™ enables to proactively analyze permission upcoming compliance checks, send Emails and text
changes effects to the SoD policy compliance using its messages when needed so you will always be aware and
powerful What-If analysis engine. Integration of the handle the most urgent and important issues first.
analysis to a permission change process on various IDM All the impact analysis information is centralized on a
systems is available. dynamic Dashboard screen that contains customizable
widgets. Each
SoD violations are fairly complicated and hard to solve.
widget can be
WhiteOPS™ provides a root-cause-analysis for each SoD
replaced so
violation so all the available paths for resolution would be
that every user
crystal clear in seconds.
will get the
Business Asset Compliance view that fits
Every organization has dozens of compliance checks to be him the most.
executed on timely basis, whether regulation related or
not, it is not an easy task to perform since most of the
organizations are surprised on the day of an audit.
Whitebox Security 2011 ©, All Rights Reserved
http://www.whiteboxsecurity.com Page 3
- 4. WhiteOPS™ Product Overview
WhiteOPS™ Advantages WhiteOPS™ Monitors Portfolio
WhiteOPS™ is a platform
WhiteOPS™ enables you to get all the benefits of purpose-
built software in a platform. All of WhiteOPS™ screens are
designed to treat the same for information originated in
different business applications.
Rapid Time To Value
WhiteOPS™ POCs usually take less than a week to
complete. Production implementation projects usually
take less than a month. In some territories, Whitebox has
cooperation with major accountant firms like Deloitte,
Ernst & Young and KPMG, resulting in compliance controls Why Whitebox Security?
and SoD policy that are tailored-made to the customer.
Whitebox Security is the first company to focus on
Data Enrichment purpose built identity intelligence platform. The company
WhiteOPS™ is equipped with an innovative and patent- has been named one of the top 10 innovative security
pending data enrichment mechanism. Every monitored companies in 2010 by the RSA conference.
activity is enriched by data regarding the user, machine Whitebox Security is fast growing with proven success
and session from organizational security systems like record as a solution provider to top ISPs, Financial
directory services, HR modules, IDM systems and more. Services, Retail and defense industries companies.
All information is going through a data dictionary, no text Among our customers you can find:
blobs. That way, every activity can be understood by
anyone, regardless of his technical skills.
Forensics Capabilities
WhiteOPS™ allows you to ask anything. Literally ask. Using
the advanced forensics mechanism you can, for example,
ask for all the activities made on business transactions by
workers from the IT department. Contact Information
Policy Compliance Whitebox Security Ltd.
WhiteOPS™ enables you to manage a complete audit P.O. Box 1025
process starting from controls execution, reviews and Tel Aviv, 61009
approvals and easily producing the needed reports to the Israel
auditor. Best practices are supplied out-of-the-box. T:+972-54-2452840
F:+972-3-7602007
Proactivity
sales@whiteboxsecurity.com
WhiteOPS™ provides proactive insights by simulating
affects to policy compliance by permission changes made
in a monitored system.
Whitebox Security 2011 ©, All Rights Reserved
http://www.whiteboxsecurity.com Page 4