SAP Enterprise Threat Detection


What Is SAP Enterprise Threat Detection?

Powered by SAP HANA, SAP Enterprise Threat Detection enables security administrators to detect, monitor, and analyze security events throughout the SAP landscape by scanning log files and identifying suspicious patterns. It includes a security information and event management (SIEM) tool that employs real-time intelligence to detect external and internal cyber threats and comply with data protection and audit regulations. Available on-premise or in the cloud, SAP Enterprise Threat Detection includes preconfigured and customizable functionality, risk-based prioritized automated alerts, as well as forensic investigation, threat hunting, and anomaly detection. In 2021, SAP launched a cloud-based managed service version of SAP Enterprise Threat Detection.

Key capabilities include:

  • Forensic investigation, threat hunting, and anomaly detection functions
  • Risk-based and prioritized alerts
  • Rapid security log analysis and correlation
  • Continuous monitoring of systems

Key Considerations for SAPinsiders

What Is SAP Enterprise Threat Detection?

Powered by SAP HANA, SAP Enterprise Threat Detection enables security administrators to detect, monitor, and analyze security events throughout the SAP landscape by scanning log files and identifying suspicious patterns. It includes a security information and event management (SIEM) tool that employs real-time intelligence to detect external and internal cyber threats and comply with data protection and audit regulations. Available on-premise or in the cloud, SAP Enterprise Threat Detection includes preconfigured and customizable functionality, risk-based prioritized automated alerts, as well as forensic investigation, threat hunting, and anomaly detection. In 2021, SAP launched a cloud-based managed service version of SAP Enterprise Threat Detection.

Key capabilities include:

  • Forensic investigation, threat hunting, and anomaly detection functions
  • Risk-based and prioritized alerts
  • Rapid security log analysis and correlation
  • Continuous monitoring of systems

Key Considerations for SAPinsiders

Protect the “crown jewels” in SAP applications. Arndt Lingscheid, Global Solution Owner Cybersecurity and Data Protection at SAP, explains that a company’s most valuable assets — crown jewels — are often located in SAP applications. SAP Enterprise Detection alerts security professionals early to security threats to the crown jewels. “We can do forensic analysis for SAP application logs and threat hunting to identify anomalous activity in the systems to identify threats early,” he explains. The platform has the ability to process and analyze up to 250,000 events per second and correlate the data in real-time with other logs coming in from the SAP environment, he says.

Look at the whole security puzzle. SAP Enterprise Threat Detection uses automated processes based on SAP HANA and machine learning to track attacker activity using predefined and customizable attack paths and user behavioral analysis. It provides automated alerts when attack patterns are detected, which are forwarded to other SIEM systems. The tool enables the security analyst to click on a button and get a correlation of different log types sorted by timestamp to give a complete picture of an enterprise’s security, Lingscheid notes. “We are able to look at the whole security puzzle, not just single puzzle pieces,” he says.

Monitor for suspicious behaviors and anomalous events. SAP Enterprise Threat Detection reduces the time required to identify suspicious events and vulnerabilities in key SAP systems. The platform provides transparency into suspicious user behavior and anomalies in SAP applications to identify and stop security breaches in real time, Lingscheid relates. Its managed service includes monitoring of customers’ entire ERP landscape continuously by SAP experts and risk-based, prioritized alerting. A monthly report summarizes all suspicious activities detected and the details of how they were carried out.

What other vendors offer help with enterprise threat detection for SAP products? Some of the other vendors that offer help with enterprise threat detection for SAP customers include Layer Seven Security, Onapsis, Virtustream, Winterhawk Consulting, Xiting.

9 results

  1. Cybersecurity sessions

    Securing the Intelligent Enterprise with SAP’s Enterprise Threat Detection

    Published: 20/April/2023

    Reading time: 2 mins

    The heightened global prevalence of cyber threats has amplified the urgency for organizations to move beyond the traditional preventive measures. Organizations now need to adopt more stringent protocols for real-time monitoring, threat detection, and swift response in order to effectively protect their businesses. This article discusses SAP’s Enterprise Threat Detection, a comprehensive offering that enables…

  2. Cybersecurity expert

    Video: Protect SAP from Ransomware and Supply Chain Attacks

    Today, enterprises are confronting a myriad of cyberthreats. Two of the most destructive are ransomware and software supply chain attacks. Ransomware attacks have soared over the last couple of years, and that trend has only accelerated. In fact, ransomware attacks have increased 57% since the beginning of this year, and the average number of companies…

  3. ransomware and security image

    Strategies to Thwart Ransomware and Supply Chain Attacks

    Published: 15/September/2021

    Reading time: 4 mins

    Today, enterprises are confronting a myriad of cyberthreats. Two of the most destructive are ransomware and software supply chain attacks. Ransomware attacks have soared over the last couple of years, and that trend has only accelerated. In fact, ransomware attacks have increased 57% since the beginning of this year, and the average number of companies…

  4. The business benefits of SAP Enterprise Threat Detection

    Nowadays, not a day goes by without a new data breach being reported in the news. Cyber-attacks often target our IT infrastructure using phishing, smishing, ransomware or malware. The goal is often to disrupt a company's operations, encrypt databases or block access to carry out extortion. The average time to contain a security breach is…

  5. Case study | Threat detection in SAP applications & implementation of SAP Enterprise Threat Detection

    An important component of a comprehensive security strategy is control over activities performed within the SAP environment to ensure landscape security . This includes monitoring applications behavior with respect to policies and regulatory requirements. This session will discuss three customer scenarios both before and after implementing SAP Enterprise Threat Detection. Scenario 1 Before implementing SAP…

  6. Keynote | System Down? How to Protect Your SAP Landscape for Upcoming Threats in 2021

    In the past few years, 64% of organizations’ ERP systems have been breached, according to a research study by IDC. Are you aware how attackers have breached and can break into unprotected customer SAP landscapes? Attend this session to gain insights into: - What attacks on your SAP systems look like - What security challenges…

  7. Keynote | Enhancing Your SAP Security and Compliance Strategy in the Era of Digital Transformation

    Join Onapsis, an SAP partner now offering an SAP Endorsed App, and SAP as we highlight our partnership and how we work together to address security, compliance, and resiliency challenges, so organizations can protect their most mission-critical applications. In this session, we will discuss the increasing threat landscape, the importance of modernizing security and compliance…

  8. Simply Securing a System Is No Longer Sufficient

    Published: 13/November/2020

    Reading time: 5 mins

    By Robert Holland, VP Research, SAPinsider Securing an SAP system used to involve checking access and process controls and ensuring that the most recent SAP Notes had been applied. Now it involves not only ensuring that the system itself is up to date but must address cybersecurity and compliance issues as well. The Threat Landscape…

  9. How to Configure SAP Enterprise Threat Detection for Increased Surveillance and Real-Time Analysis of Security Threats

    Published: 14/April/2016

    Reading time: 29 mins

    Mining of important security-related logs has always been a challenge for most enterprises in terms of how to gain appropriate security intelligence from collected data sets in order to forestall malicious attacks from within and outside an enterprise. Kehinde Eseyin shows how to set up the SAP Enterprise Threat Detection system landscape to facilitate log...…