Today’s business landscapes tend to be heterogeneous with interconnected systems and increasing number of mobile and cloud-based applications. This diversity makes it difficult to use traditional approaches to protect assets from internal threats. The amount of security-relevant data generated by systems and applications in today’s landscapes is huge and is spread across a vast number of logs. And for organizations running SAP systems, a further challenge is to gain insights into SAP business systems to identify security risks.

SAP Enterprise Threat Detection

Camelot ITLab handles these challenges through SAP Enterprise Threat Detection (ETD), a native SAP HANA application which SAP designed to protect its own business data. It combines the high-performance complex event processing functionality of SAP Event Stream Processor (SAP ESP) and the real-time capabilities of SAP HANA to create a powerful solution for processing and analyzing security-relevant data. SAP ETD helps security administrators to detect, monitor, and analyze security events to provide insight into what is happening throughout heterogeneous landscapes including SAP and non-SAP systems by scanning log files.

Systems monitored by SAP Enterprise Threat Detection are known as log providers. Log data is extracted and transferred from the log providers to SAP ETD. The SAP ESP engine pre-processes the incoming log data and makes it compatible for SAP HANA, and then sends it to the SAP HANA database, where it is stored. Then, SAP ETD runs attack detection patterns on the log data and generates alerts when suspicious patterns are found. It is all based on a user-friendly SAP Fiori interface.

Data compliance within ETD

The information contained in all alerts such as system, user, or terminal information is very useful for threat analysis. As we make use of only normalized, enriched and pseudonymized information instead of the raw log data, data compliance is not compromised and greatly reduces the amount of information being transferred to the external tool. Camelot ITLab imposes a division of responsibility between those who can access individual’s identities and those who cannot, when legal follow-ups or actions are required for a forensic investigation.

Real-time analysis in ETD

SAP Enterprise Threat Detection allows you to perform real-time analysis and correlation of vast log data regardless of its original source, and it is used as a stand-alone security monitoring solution. It helps you identify the attacks as they happen using real-time data and analyze the threats quick enough to neutralize them before serious damage occurs.

The speed at which ETD analyzes security-relevant log data gives a significant advantage in combating cybercrime. The earlier you can address a threat, the smaller the window for causing damage to your business. Security breaches in large landscapes is the key problem that SAP ETD is designed to solve, as security threats continue to evolve.

Recommended articles

Supply Chain Management

Success factors for DDMRP in a constrained manufacturing environment (I)

Recently, the Demand-Driven MRP (DDMRP) methodology has been gaining increasing popularity. More and more companies across all industries apply the DDMRP …

read more
Future Value Chain

How to get your employees on board in times of crisis?

In times of crisis your internal communication is as crucial as your external communication is. However, the first one is often …

read more
Data & Analytics

Successfully Designing the Digital Transformation

Companies have no choice but to digitalize if they want to remain competitive. Many companies have understood this and acted accordingly. …

read more

Reimagine your Value Chain with us

Contact us