What is SAP Enterprise Threat Detection (ETD)
This tutorial is a brief introduction to SAP Enterprise Threat Detection.
Companies that run critical business processes on SAP software must manage their exposure efficiently and use various methods to guard against external and internal security threats.
Attacks we are able to identify in our SAP business landscape in real time:
- Misuse of development rights within SAP
- Data breaches in our SAP system
- Identity theft (SAP user)
- Various brute-force attacks (SAP RFC, web services, etc.)
- Misuse of administration rights within SAP system
The transparency we have in our SAP system landscape in real time:
- Various forensic tools to examine any suspicion
- Threat situation in the last 24 hours
- Technical events vs. semantic attacks
- Real-time correlation of large amounts of security data
SAP Enterprise Threat Detection (ETD)
SAP Enterprise Threat Detection allows users to identify security threats and attacks as they happen in real time, and helps them analyze the threats quickly enough to neutralize them before any serious damage occurs.
We can therefore conclude that SAP ETD helps us gain insight into our business system.
Main Use Cases of Enterprise Threat Detection
Real-time security monitoring
- Reacting instantly to critical alerts
- Evaluating the attack detection patterns
- Gathering various events from the landscape
- Gaining an overview of the threat situation
Ad hoc analysis
- Performing forensic investigation
- Supporting compliance processes
- Analyzing existing suspicions
Elements of SAP Enterprise Threat Detection
SAP ETD consists of three elements:
- SAP ETD provides real-time analytics on your security data, including historical data, based on SAP HANA.
- The big data is actionable and serves as a high-quality indicator.
- ETD has market-leading in-memory technology.
- ETD also provides anomaly detection across the system landscape.
- Therefore, ETD is about security monitoring for our complete system landscape.
- ETD provides a standardized interface in order to receive additional information.
- Out-of-the-box integration with user-chosen partners
- ETD allows users to integrate non-SAP data.
- ETD provides ready-to-use patterns by SAP for SAP landscapes, so that we don't have to create them ourselves. ETD not only provides various types of patterns but also takes care of the data coming out of the system.
- All patterns delivered by SAP can be adjusted without coding.
- ETD also provides a strong partner ecosystem.
Architecture of SAP Enterprise Threat Detection
SAP Enterprise Threat Detection has a very compact high-level architecture.
Advantages of SAP Enterprise Threat Detection Architecture
- SAP ETD provides patterns, so we have basic security.
- There are no agents on the operating system.
- SAP ETD allows easy adjustment without development.
- Provides semantic events
- ETD has only one persistence layer, the SAP HANA platform.
- Standard hardware, which means lower implementation and operation costs.
Launch pad of SAP Enterprise Threat Detection
The ETD launch pad is the main entry point to the tools in SAP Enterprise Threat Detection. In the launch pad, the Forensic Lab tile takes you to the tool where you do ad hoc analysis and create attack detection patterns.