As more and more companies face security issues and are usually first in line for threats, the monitoring and evaluation of security-related events has become very important for every big software vendor. SAP jumped on this bandwagon as well with its offering called SAP Enterprise Threat Detection.
The aim of this solution is to:
- offer a real-time data platform for performing forensic investigations in order to discover suspicious patterns
- automatically evaluate attack detection patterns
- analyze and correlate logs
- integrate custom log providers
- find threats focused on SAP software
All in all, it helps to identify real attacks as they are happening and to analyze the threats quickly enough to neutralize them before serious damage occurs.
Technically, it is based on processing data collected by the ESP (Event Stream Processor). The ESP gets the data from SAP NetWeaver Application Servers (Java and ABAP), from the SAP HANA database and from non-SAP sources. The ESP then provides the collected data to the SAP HANA engine, which evaluates and analyzes it and generates alerts based on the results of the analysis. The analyses done in HANA are pattern-based. The patterns are developed and enhanced by SAP. Customers can change them according to their needs and can also create completely new ones.
Currently, SP02 is available for SAP Enterprise Threat Detection 1.0.
More information: