SAP Brief
SAP Technology
SAP Enterprise Threat Detection
Protect Your Connected Business Systems by Identifying and Analyzing Threats
Prevent security breaches
Are your processes supported by heterogeneous landscapes, interconnected systems, and mobile and cloud-based applications? Does your business-critical information rely on SAP software? If so, key to your continued success is thwarting cybercriminals that are increasingly attempting to compromise your system landscapes. Enter the SAP Enterprise Threat Detection application.
Your company recognizes that you need more than perimeter security to protect assets. Your IT organization has firewalls, intrusion detection, encryption, and so on in place, and your development organization ensures that its custom code is checked for vulnerabilities. But traditional security and event management solutions need to be complemented by important capabilities: insight into SAP business software, as well as sheer performance to process the vast amount of security-relevant data.
Threats from outside the company exist even with the most up-to-date protection. Attacks from within perimeter defenses, especially by internal personnel, are particularly dangerous, and social engineering can often nullify technical precautions. SAP Enterprise Threat Detection gives insight into suspicious activities in your SAP software-centric landscape and enables you to identify breaches as they occur. Thus, you can react in time to neutralize danger and prevent critical damage to your business.
SAP Enterprise Threat Detection lets you take extensive advantage of log data, which provides a wealth of information on what happened within an application, a database, an operating system, or a network component. To make analysis easier, log data is supplemented by contextual data, such as the role of a system or the location of an IT asset. Using this combination, you can scout for cyberattacks on valuable assets.
With threats coming from both inside and outside your organization, you want to know what is going on in the landscape. Are there unexpected activities? If so, what do these mean? Are they indicating an ongoing attack? If so, who is attacking? What immediate actions can you take to neutralize the attack? When you are analyzing the impact, how can you know what end-to-end actions took place and what was the resulting damage?
To help you answer these questions, SAP Enterprise Threat Detection includes SAP Event Stream Processor combined with the SAP HANA platform to enable you to process and analyze any type of log data.
Keep watch over your critical business data. Detect and analyze threats in real time.
The logs alone in a system landscape can easily be producing gigabytes of data each hour. Before you process it, you can extract the log data from each system and transfer it to SAP Event Stream Processor. Each SAP software system that relies on the ABAP programming language includes functionality that simplifies the extraction of log data. In addition, an open interface in SAP Enterprise Threat Detection lets you connect any other systems, be they applications or network components, such as proxies, routers, or switches. Thus, you can analyze logs from all systems to get a complete picture of the activities taking place in your landscape.
SAP Event Stream Processor normalizes and enriches the log data coming in and pushes the data to the SAP HANA database, where you can correlate and analyze events from different logs and different systems.
The survival of your business can depend on a well-founded decision made in seconds.
Using log data from SAP software, such as user change logs, security audit logs, the remote function call (RFC) gateway log, and transaction logs, you can analyze suspicious activity. Since attacks leave trails in logs, and these can be detected if you know what to look for, attack detection patterns are a key element of the application. These patterns encode how certain attacks show up in the logs. An alert is generated if the pattern appears in incoming log data. SAP continuously updates attack patterns, so SAP Enterprise Threat Detection helps you keep the rate of false positives low. And you can still configure the alerts to tune them for your specific situation.
Because patterns are already available, just connect your software systems and choose which patterns are relevant for your system landscape. Then simply detect attacks on your SAP software, evidence of which would otherwise remain buried in the mass of log data. Of course, you can also develop new rules according to your own knowledge about possible attacks, incorporating additional logs you may have connected to SAP Enterprise Threat Detection.
Take advantage of the powerful scanning functionality SAP uses to identify vulnerabilities in its own software systems.
In addition to using SAP Enterprise Threat Detection for real-time security monitoring, you can also perform ad hoc analysis. You can analyze an existing suspicion about an ongoing attack or analyze historical log and security data in forensic investigations or as part of a regulatory compliance process. The original log data on the connected systems is not affected by the extraction process, so you benefit from normalized and enriched data on a central management system. This lets you browse and analyze in real time while retaining the ability to return to the unaltered data if necessary for legal reasons.
Real-time analysis of large amounts of data lets expert users experience almost instantaneous responses to complex queries and thereby follow leads that would previously have been hidden. Although SAP Enterprise Threat Detection comes with a palette of predefined attack detection patterns, browsing the data as part of a forensic investigation can uncover previously unknown attacks or attack variants. In this case, you can convert the results of the investigation into new attack detection patterns and store these for reuse in automated monitoring.
In an SAP software-centric landscape, key business data is usually with the applications that are based on the application server for ABAP, and SAP Enterprise Threat Detection covers these business-critical systems. However, the application is open at both ends for customized integration of other systems and components for your specific needs. So, for example, there is a public application programming interface (API) that allows you to collect log data from non-SAP software and from infrastructure components such as routers or proxies. And after alerts have been generated, a public API enables integration of SAP Enterprise Threat Detection in any incident management system or overall security solution you may have.
You can further configure the solution for your needs by uploading contextual information regarding, for example, the landscape and users, to help with analysis of threats and tracing attack paths. Configurable situational dashboards and graphical navigation combine to make the security operator's job easier and more efficient.
The application's open platform lets you gather and analyze log data from both SAP and non-SAP software.
Safeguard your business
No current defense that you put around your valuable data assets can guarantee against future threats. With SAP Enterprise Threat Detection, you can monitor your systems for suspicious activities and be alerted in time to react effectively. The powerful real-time data processing combination of SAP Event Stream Processor and SAP HANA enables you to readily and efficiently identify security lapses in your landscape and build confidence in your overall security solution.
A continuously changing threat environment requires a powerful and flexible security solution.
Summary
The interconnected nature of modern business systems means that successful companies with critical business on SAP software effectively manage exposure to external and internal threats. The SAP Enterprise Threat Detection application helps you identify the real attacks as they are happening and analyze the threats quickly enough to neutralize them before serious damage occurs.
Objectives
Prevent security breaches from affecting the integrity of business processes such as by theft or manipulation of business data
Gain insight into what is happening in your IT landscape
A real-time to efficiently monitor SAP software-centric landscapes
Efficient analysis and correlation of the vast quantity of log data that systems and applications generate
Integration with SAP and non-SAP software systems and components
Readily and efficiently identify security lapses in the landscape
Detect threats in real time
Optimally protect your key business data
Learn More
Visit www.sap.com/pc/tech/application-foundation-security/software/security-solutions-overview.html.
Studio SAP 31974enUS (14/07)
No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of SAP AG or an SAP affiliate company. SAP and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP AG (or an SAP affiliate company) in Germany and other countries. Please see http://www.sap.com/corporate-en/legal/copyright/index.epx#trademark for additional trademark information and notices. Some software products marketed by SAP AG and its distributors contain proprietary software components of other software vendors. National product specifications may vary. These materials are provided by SAP AG or an SAP affiliate company for informational purposes only, without representation or warranty of any kind, and SAP AG or its affiliated companies shall not be liable for errors or omissions with respect to the materials. The only warranties for SAP AG or SAP affiliate company products and services are those that are set forth in the express warranty statements accompanying such products and services, if any. Nothing herein should be construed as constituting an additional warranty. In particular, SAP AG or its affiliated companies have no obligation to pursue any course of business outlined in this document or any related presentation, or to develop or release any functionality mentioned therein. This document, or any related presentation, and SAP AG's or its affiliated companies' strategy and possible future developments, products, and/or platform directions and functionality are all subject to change and may be changed by SAP AG or its affiliated companies at any time for any reason without notice. The information in this document is not a commitment, promise, or legal obligation to deliver any material, code, or functionality.
All forward-looking statements are subject to various risks and uncertainties that could cause actual results to differ materially from expectations. Readers are cautioned not to place undue reliance on these forward-looking statements, which speak only as of their dates, and they should not be relied upon in making purchasing decisions.