Skip to Content
Product Information
Author's profile photo Greg Malewski

A tool for automated security checks – A release candidate – call for participants

Using the experience from Fiori Tracker, we (the Fiori Tracker team) have developed a tool for SAP system security checks. The tool called Gover runs on any SAP on-prem with SAP Gateway and comes as a set of components that you can install and upgrade independently. Here is the list of components:

  1. Gover reports – listing the results of the checks
  2. As-is API Main – enables the required data collection from all you SAP systems
  3. Security patches check – verifies whether your SAP systems contain the latest security fixes
  4. Security parameters check – examines security-related system parameters
  5. Password status check – ensures that standard password as changed

More checks in preparation.

Selected security checks and As-is API are offered for free. Free checks will allow users to get familiar with the tool. The paid ones enable the funding for maintenance and upgrades of the whole suite.

As at the current stage, we need as much customer input as we can get, we are looking for customers that would like to start using Gover or just evaluate in sandbox systems. In exchange for input, we offer free installation and support for all available checks.

If you are interested please contact us using the form on the Gover page.

Thanks and I’m looking forward to talking to you.

Greg

Assigned Tags

      2 Comments
      You must be Logged on to comment or reply to a post.
      Author's profile photo Gurbir Brar
      Gurbir Brar

      Hi Greg,

      How does Gover differ from Solman? Solman offers most of the features listed here.

      Thank you,

      Gurbir

      Author's profile photo Greg Malewski
      Greg Malewski
      Blog Post Author

      Thanks for the comment. The main difference will come with additional checks, especially ones that will leverage the Fiori Apps' Usage and Fiori Tracker content. Another aspect is to get an overview of the security standing of a large number of systems and the use of "To-be" records reflecting company security policy.

      Do you see anything outside the Solman HealthCheck-like report that new checks should cover?