SAP Enterprise Threat Detection
What Is SAP Enterprise Threat Detection?
Powered by SAP HANA, SAP Enterprise Threat Detection enables security administrators to detect, monitor, and analyze security events throughout the SAP landscape by scanning log files and identifying suspicious patterns. It includes a security information and event management (SIEM) tool that employs real-time intelligence to detect external and internal cyber threats and comply with data protection and audit regulations. Available on-premise or in the cloud, SAP Enterprise Threat Detection includes preconfigured and customizable functionality, risk-based prioritized automated alerts, as well as forensic investigation, threat hunting, and anomaly detection. In 2021, SAP launched a cloud-based managed service version of SAP Enterprise Threat Detection.
Key capabilities include:
- Forensic investigation, threat hunting, and anomaly detection functions
- Risk-based and prioritized alerts
- Rapid security log analysis and correlation
- Continuous monitoring of systems
Key Considerations for SAPinsiders
What Is SAP Enterprise Threat Detection?
Powered by SAP HANA, SAP Enterprise Threat Detection enables security administrators to detect, monitor, and analyze security events throughout the SAP landscape by scanning log files and identifying suspicious patterns. It includes a security information and event management (SIEM) tool that employs real-time intelligence to detect external and internal cyber threats and comply with data protection and audit regulations. Available on-premise or in the cloud, SAP Enterprise Threat Detection includes preconfigured and customizable functionality, risk-based prioritized automated alerts, as well as forensic investigation, threat hunting, and anomaly detection. In 2021, SAP launched a cloud-based managed service version of SAP Enterprise Threat Detection.
Key capabilities include:
- Forensic investigation, threat hunting, and anomaly detection functions
- Risk-based and prioritized alerts
- Rapid security log analysis and correlation
- Continuous monitoring of systems
Key Considerations for SAPinsiders
Protect the “crown jewels” in SAP applications. Arndt Lingscheid, Global Solution Owner Cybersecurity and Data Protection at SAP, explains that a company’s most valuable assets — crown jewels — are often located in SAP applications. SAP Enterprise Detection alerts security professionals early to security threats to the crown jewels. “We can do forensic analysis for SAP application logs and threat hunting to identify anomalous activity in the systems to identify threats early,” he explains. The platform has the ability to process and analyze up to 250,000 events per second and correlate the data in real-time with other logs coming in from the SAP environment, he says.
Look at the whole security puzzle. SAP Enterprise Threat Detection uses automated processes based on SAP HANA and machine learning to track attacker activity using predefined and customizable attack paths and user behavioral analysis. It provides automated alerts when attack patterns are detected, which are forwarded to other SIEM systems. The tool enables the security analyst to click on a button and get a correlation of different log types sorted by timestamp to give a complete picture of an enterprise’s security, Lingscheid notes. “We are able to look at the whole security puzzle, not just single puzzle pieces,” he says.
Monitor for suspicious behaviors and anomalous events. SAP Enterprise Threat Detection reduces the time required to identify suspicious events and vulnerabilities in key SAP systems. The platform provides transparency into suspicious user behavior and anomalies in SAP applications to identify and stop security breaches in real time, Lingscheid relates. Its managed service includes monitoring of customers’ entire ERP landscape continuously by SAP experts and risk-based, prioritized alerting. A monthly report summarizes all suspicious activities detected and the details of how they were carried out.
What other vendors offer help with enterprise threat detection for SAP products? Some of the other vendors that offer help with enterprise threat detection for SAP customers include Layer Seven Security, Onapsis, Virtustream, Winterhawk Consulting, Xiting.
13 results
-
Simply Securing a System Is No Longer Sufficient
By Robert Holland, VP Research, SAPinsider Securing an SAP system used to involve checking access and process controls and ensuring that the most recent SAP Notes had been applied. Now it involves not only ensuring that the system itself is up to date but must address cybersecurity and compliance issues as well. The Threat Landscape…
-
Premium
Cybersecurity: Case study: How McKesson uses SAP Enterprise Threat Detection to identify and mitigate risks
Learn how McKesson, the largest U.S. pharmaceutical distributor, implemented SAP Enterprise Threat Detection to strengthen its cybersecurity position. Click this link to view the slides from this session — Cyber_2017_Kuo_Wienand_Casestudyhowmckessonusessap. Benjamin Wienand If you have comments about this article or publication, or would like to submit an article idea, please contact the editor....…
-
- Premium
How to Configure SAP Enterprise Threat Detection for Increased Surveillance and Real-Time Analysis of Security Threats
Mining of important security-related logs has always been a challenge for most enterprises in terms of how to gain appropriate security intelligence from collected data sets in order to forestall malicious attacks from within and outside an enterprise. Kehinde Eseyin shows how to set up the SAP Enterprise Threat Detection system landscape to facilitate log...…
Your request has been successfully sent